Tcpdump: "admin prohibited filter"
Andrea Giuliano
a.giuliano at iccu.sbn.it
Fri Jul 2 08:25:42 UTC 2004
Dear Andrei,
below is the whole output from tcpdump -i ppp0. The output refers to a
session with Epiphany, during which I tried to connect fedora.redhat.com
and did something else, I guess some ping and some traceroute to some
host.
Note that 82.53.151.158 is the address that my ISP assigned to my host
after ppp0 came up. So it actually seems that my own host refuses to
send ICMP packets outside. At least, I interpret the output this way,
because the suspicious lines all have the form
192.168.100.1 > 82.53.151.158: icmp 36: host 217.144.248.190
where the last IP address often changes from line to line.
Please note also that 80.21.7.56 is one of the DNS provided by the ISP,
and that 192.168.100.1 is the "remote IP address" I was assigned by the
ISP. By the way, I don't exactly know what is this...
Best regars and many thanks!
----------
23:50:26.836259 IP 217.144.248.190.42986 > 82.53.151.158.4662: S 1416838046:1416838046(0) win 5840 <mss 1412,sackOK,timestamp 113682885 0,nop,wscale 0>
23:50:27.073260 IP 82.53.151.158.4662 > 217.144.248.190.42986: R 0:0(0) ack 1416838047 win 0
23:50:26.836853 IP 82.53.151.158.32807 > 80.21.7.56.domain: 37702+ PTR? 158.151.53.82.in-addr.arpa. (44)
23:50:26.876061 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 217.144.248.190 unreachable - admin prohibited filter
23:50:26.885141 IP 80.21.7.56.domain > 82.53.151.158.32807: 37702 1/0/0 (94)
23:50:26.885330 IP 82.53.151.158.32807 > 80.21.7.56.domain: 37703+ PTR? 190.248.144.217.in-addr.arpa. (46)
23:50:27.073155 IP 80.21.7.56.domain > 82.53.151.158.32807: 37703 NXDomain 0/1/0 (109)
23:50:27.073447 IP 82.53.151.158.32807 > 80.21.7.56.domain: 37704+ PTR? 56.7.21.80.in-addr.arpa. (41)
23:50:27.116992 IP 80.21.7.56.domain > 82.53.151.158.32807: 37704 NXDomain 0/1/0 (112)
23:50:27.117176 IP 82.53.151.158.32807 > 80.21.7.56.domain: 37705+ PTR? 1.100.168.192.in-addr.arpa. (44)
23:50:27.160136 IP 80.21.7.56.domain > 82.53.151.158.32807: 37705 NXDomain 0/1/0 (121)
23:50:27.980100 IP 82.53.151.77.4100 > 82.53.151.158.microsoft-ds: S 568382196:568382196(0) win 16384 <mss 1412,nop,nop,sackOK>
23:50:27.980138 IP 82.53.151.158.microsoft-ds > 82.53.151.77.4100: R 0:0(0) ack 568382197 win 0
23:50:27.980363 IP 82.53.151.158.32807 > 80.21.7.56.domain: 37706+ PTR? 77.151.53.82.in-addr.arpa. (43)
23:50:28.019020 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 82.53.151.77 unreachable - admin prohibited filter
23:50:28.032053 IP 80.21.7.56.domain > 82.53.151.158.32807: 37706 1/0/0 (92)
23:50:30.894367 IP 82.53.151.77.4100 > 82.53.151.158.microsoft-ds: S 568382196:568382196(0) win 16384 <mss 1412,nop,nop,sackOK>
23:50:30.894393 IP 82.53.151.158.microsoft-ds > 82.53.151.77.4100: R 0:0(0) ack 1 win 0
23:50:30.933229 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 82.53.151.77 unreachable - admin prohibited filter
23:50:32.835355 IP 217.144.248.190.42986 > 82.53.151.158.4662: S 1416838046:1416838046(0) win 5840 <mss 1412,sackOK,timestamp 113683485 0,nop,wscale 0>
23:50:32.835379 IP 82.53.151.158.4662 > 217.144.248.190.42986: R 0:0(0) ack 1 win 0
23:50:32.875202 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 217.144.248.190 unreachable - admin prohibited filter
23:50:36.964492 IP 82.53.151.77.4100 > 82.53.151.158.microsoft-ds: S 568382196:568382196(0) win 16384 <mss 1412,nop,nop,sackOK>
23:50:36.964518 IP 82.53.151.158.microsoft-ds > 82.53.151.77.4100: R 0:0(0) ack 1 win 0
23:50:37.003362 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 82.53.151.77 unreachable - admin prohibited filter
23:50:41.650953 IP 82.53.151.158.32807 > 80.21.7.56.domain: 64974+ AAAA? fedora.redhat.com. (35)
23:50:43.170624 IP 81.61.126.38.14411 > 82.53.151.158.4662: S 3923091240:3923091240(0) win 32768 <mss 1412,nop,wscale 0,nop,nop,timestamp 1898400125 0>
23:50:43.170667 IP 82.53.151.158.4662 > 81.61.126.38.14411: R 0:0(0) ack 3923091241 win 0
23:50:43.170902 IP 82.53.151.158.32808 > 80.21.7.56.domain: 37707+ PTR? 38.126.61.81.in-addr.arpa. (43)
23:50:43.209558 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 81.61.126.38 unreachable - admin prohibited filter
23:50:43.280508 IP 80.21.7.56.domain > 82.53.151.158.32808: 37707 1/0/0 (83)
23:50:44.840626 IP 217.144.248.190.42986 > 82.53.151.158.4662: S 1416838046:1416838046(0) win 5840 <mss 1412,sackOK,timestamp 113684685 0,nop,wscale 0>
23:50:44.840651 IP 82.53.151.158.4662 > 217.144.248.190.42986: R 0:0(0) ack 1 win 0
23:50:44.879530 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 217.144.248.190 unreachable - admin prohibited filter
23:50:46.309542 IP 81.61.126.38.14411 > 82.53.151.158.4662: S 3923091240:3923091240(0) win 32768 <mss 1412,nop,wscale 0,nop,nop,timestamp 1898400130 0>
23:50:46.309567 IP 82.53.151.158.4662 > 81.61.126.38.14411: R 0:0(0) ack 1 win 0
23:50:46.349048 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 81.61.126.38 unreachable - admin prohibited filter
23:50:46.650459 IP 82.53.151.158.32808 > 80.21.6.58.domain: 64974+ AAAA? fedora.redhat.com. (35)
23:50:46.650651 IP 82.53.151.158.32809 > 80.21.7.56.domain: 37708+ PTR? 58.6.21.80.in-addr.arpa. (41)
23:50:46.708703 IP 80.21.7.56.domain > 82.53.151.158.32809: 37708 NXDomain 0/1/0 (112)
23:50:48.125639 IP 80.129.158.173.4057 > 82.53.151.158.4662: S 494021183:494021183(0) win 5808 <mss 1412,nop,nop,sackOK,nop,wscale 0>
23:50:48.125677 IP 82.53.151.158.4662 > 80.129.158.173.4057: R 0:0(0) ack 494021184 win 0
23:50:48.125913 IP 82.53.151.158.32809 > 80.21.7.56.domain: 37709+ PTR? 173.158.129.80.in-addr.arpa. (45)
23:50:48.165541 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 80.129.158.173 unreachable - admin prohibited filter
23:50:48.217772 IP 80.21.7.56.domain > 82.53.151.158.32809: 37709 1/0/0 (84)
23:50:48.799758 IP 81.61.126.38.14411 > 82.53.151.158.4662: S 3923091240:3923091240(0) win 32768 <mss 1412,nop,wscale 0,nop,nop,timestamp 1898400136 0>
23:50:48.799783 IP 82.53.151.158.4662 > 81.61.126.38.14411: R 0:0(0) ack 1 win 0
23:50:48.838639 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 81.61.126.38 unreachable - admin prohibited filter
23:50:51.329857 IP 80.129.158.173.4057 > 82.53.151.158.4662: S 494021183:494021183(0) win 5808 <mss 1412,nop,nop,sackOK,nop,wscale 0>
23:50:51.329883 IP 82.53.151.158.4662 > 80.129.158.173.4057: R 0:0(0) ack 1 win 0
23:50:51.369765 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 80.129.158.173 unreachable - admin prohibited filter
23:50:51.650659 IP 82.53.151.158.32807 > 80.21.7.56.domain: 64974+ AAAA? fedora.redhat.com. (35)
23:50:52.830824 IP 81.61.126.38.14411 > 82.53.151.158.4662: S 3923091240:3923091240(0) win 32768 <mss 1412>
23:50:52.830848 IP 82.53.151.158.4662 > 81.61.126.38.14411: R 0:0(0) ack 1 win 0
23:50:52.869734 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 81.61.126.38 unreachable - admin prohibited filter
23:50:54.818921 IP 81.61.126.38.14411 > 82.53.151.158.4662: S 3923091240:3923091240(0) win 32768 <mss 1412>
23:50:54.818946 IP 82.53.151.158.4662 > 81.61.126.38.14411: R 0:0(0) ack 1 win 0
23:50:54.858794 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 81.61.126.38 unreachable - admin prohibited filter
23:50:56.650899 IP 82.53.151.158.32808 > 80.21.6.58.domain: 64974+ AAAA? fedora.redhat.com. (35)
23:50:57.094002 IP 80.129.158.173.4057 > 82.53.151.158.4662: S 494021183:494021183(0) win 5808 <mss 1412,nop,nop,sackOK,nop,wscale 0>
23:50:57.094027 IP 82.53.151.158.4662 > 80.129.158.173.4057: R 0:0(0) ack 1 win 0
23:50:57.132895 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 80.129.158.173 unreachable - admin prohibited filter
23:50:57.607931 IP 66.201.198.19.1533 > 82.53.151.158.microsoft-ds: R 0:3(3) ack 0 win 0
23:50:57.608166 IP 82.53.151.158.32809 > 80.21.7.56.domain: 37710+ PTR? 19.198.201.66.in-addr.arpa. (44)
23:50:57.653978 IP 80.21.7.56.domain > 82.53.151.158.32809: 37710 1/0/0 (95)
23:50:57.713878 IP 81.61.126.38.14411 > 82.53.151.158.4662: S 3923091240:3923091240(0) win 32768 <mss 1412>
23:50:57.713903 IP 82.53.151.158.4662 > 81.61.126.38.14411: R 0:0(0) ack 1 win 0
23:50:57.753759 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 81.61.126.38 unreachable - admin prohibited filter
23:51:01.651191 IP 82.53.151.158.32809 > 80.21.7.56.domain: 64975+ AAAA? fedora.redhat.com. (35)
23:51:03.031087 IP 81.61.126.38.14411 > 82.53.151.158.4662: S 3923091240:3923091240(0) win 32768 <mss 1412>
23:51:03.031112 IP 82.53.151.158.4662 > 81.61.126.38.14411: R 0:0(0) ack 1 win 0
23:51:03.071085 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 81.61.126.38 unreachable - admin prohibited filter
23:51:06.651413 IP 82.53.151.158.32810 > 80.21.6.58.domain: 64975+ AAAA? fedora.redhat.com. (35)
23:51:09.092151 IP 80.129.158.173.4057 > 82.53.151.158.4662: S 494021183:494021183(0) win 5808 <mss 1412,nop,nop,sackOK,nop,wscale 0>
23:51:09.092177 IP 82.53.151.158.4662 > 80.129.158.173.4057: R 0:0(0) ack 1 win 0
23:51:09.131275 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 80.129.158.173 unreachable - admin prohibited filter
23:51:11.651621 IP 82.53.151.158.32809 > 80.21.7.56.domain: 64975+ AAAA? fedora.redhat.com. (35)
23:51:12.331360 IP 83.35.148.238.23250 > 82.53.151.158.4662: S 954831870:954831870(0) win 64240 <mss 1400,nop,nop,sackOK>
23:51:12.331401 IP 82.53.151.158.4662 > 83.35.148.238.23250: R 0:0(0) ack 954831871 win 0
23:51:12.331648 IP 82.53.151.158.32811 > 80.21.7.56.domain: 37711+ PTR? 238.148.35.83.in-addr.arpa. (44)
23:51:12.371238 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 83.35.148.238 unreachable - admin prohibited filter
23:51:12.465348 IP 80.21.7.56.domain > 82.53.151.158.32811: 37711 1/0/0 (94)
23:51:14.871324 IP 81.61.126.38.14411 > 82.53.151.158.4662: S 3923091240:3923091240(0) win 32768 <mss 1412>
23:51:14.871350 IP 82.53.151.158.4662 > 81.61.126.38.14411: R 0:0(0) ack 1 win 0
23:51:14.911425 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 81.61.126.38 unreachable - admin prohibited filter
23:51:15.260336 IP 83.35.148.238.23250 > 82.53.151.158.4662: S 954831870:954831870(0) win 64240 <mss 1400,nop,nop,sackOK>
23:51:15.260361 IP 82.53.151.158.4662 > 83.35.148.238.23250: R 0:0(0) ack 1 win 0
23:51:16.495465 IP 207.172.126.42.4007 > 82.53.151.158.microsoft-ds: S 1052150086:1052150086(0) win 64240 <mss 1412,nop,nop,sackOK>
23:51:16.495507 IP 82.53.151.158.microsoft-ds > 207.172.126.42.4007: R 0:0(0) ack 1052150087 win 0
23:51:16.495748 IP 82.53.151.158.32811 > 80.21.7.56.domain: 37712+ PTR? 42.126.172.207.in-addr.arpa. (45)
23:51:16.534403 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 207.172.126.42 unreachable - admin prohibited filter
23:51:16.542470 IP 80.21.7.56.domain > 82.53.151.158.32811: 37712 1/0/0 (112)
23:51:16.651856 IP 82.53.151.158.32810 > 80.21.6.58.domain: 64975+ AAAA? fedora.redhat.com. (35)
23:51:19.508504 IP 207.172.126.42.4007 > 82.53.151.158.microsoft-ds: S 1052150086:1052150086(0) win 64240 <mss 1412,nop,nop,sackOK>
23:51:19.508530 IP 82.53.151.158.microsoft-ds > 207.172.126.42.4007: R 0:0(0) ack 1 win 0
23:51:19.548373 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 207.172.126.42 unreachable - admin prohibited filter
23:51:21.652384 IP 82.53.151.158.32811 > 80.21.7.56.domain: 64976+ A? fedora.redhat.com. (35)
23:51:21.693685 IP 80.21.7.56.domain > 82.53.151.158.32811: 64976+ [1a] [0q] (45)
23:51:25.479639 IP 192.168.100.1 > 224.0.0.1: igmp query v2
23:51:25.479842 IP 82.53.151.158.32812 > 80.21.7.56.domain: 37713+ PTR? 1.0.0.224.in-addr.arpa. (40)
23:51:25.537722 IP 80.21.7.56.domain > 82.53.151.158.32812: 37713 1/0/0 PTR[|domain]
23:51:26.693352 IP 82.53.151.158.32812 > 80.21.6.58.domain: 64976+ A? fedora.redhat.com. (35)
23:51:26.772629 IP 80.21.6.58.domain > 82.53.151.158.32812: 64976+ [1a] [0q] (45)
23:51:31.772563 IP 82.53.151.158.32811 > 80.21.7.56.domain: 64976+ A? fedora.redhat.com. (35)
23:51:31.814882 IP 80.21.7.56.domain > 82.53.151.158.32811: 64976+ [1a] [0q] (45)
23:51:36.814791 IP 82.53.151.158.32812 > 80.21.6.58.domain: 64976+ A? fedora.redhat.com. (35)
23:51:36.895085 IP 80.21.6.58.domain > 82.53.151.158.32812: 64976+ [1a] [0q] (45)
23:51:41.895077 IP 82.53.151.158.32813 > 80.21.7.56.domain: 64977+ A? fedora.redhat.com. (35)
23:51:41.937024 IP 80.21.7.56.domain > 82.53.151.158.32813: 64977+ [1a] [0q] (45)
23:51:42.865126 IP 82.50.73.108.4956 > 82.53.151.158.135: S 2246548242:2246548242(0) win 16384 <mss 1412,nop,nop,sackOK>
23:51:42.865165 IP 82.53.151.158.135 > 82.50.73.108.4956: R 0:0(0) ack 2246548243 win 0
23:51:42.865396 IP 82.53.151.158.32814 > 80.21.7.56.domain: 37714+ PTR? 108.73.50.82.in-addr.arpa. (43)
23:51:42.904056 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 82.50.73.108 unreachable - admin prohibited filter
23:51:42.926209 IP 80.21.7.56.domain > 82.53.151.158.32814: 37714 1/0/0 (92)
23:51:44.748262 IP localhost.localdomain.http > 82.53.151.158.1845: R 0:0(0) ack 1069088769 win 0
23:51:45.707176 IP 82.50.73.108.4956 > 82.53.151.158.135: S 2246548242:2246548242(0) win 16384 <mss 1412,nop,nop,sackOK>
23:51:45.707201 IP 82.53.151.158.135 > 82.50.73.108.4956: R 0:0(0) ack 1 win 0
23:51:45.746070 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 82.50.73.108 unreachable - admin prohibited filter
23:51:46.937276 IP 82.53.151.158.32814 > 80.21.6.58.domain: 64977+ A? fedora.redhat.com. (35)
23:51:47.017200 IP 80.21.6.58.domain > 82.53.151.158.32814: 64977+ [1a] [0q] (45)
23:51:52.017482 IP 82.53.151.158.32813 > 80.21.7.56.domain: 64977+ A? fedora.redhat.com. (35)
23:51:52.059454 IP 80.21.7.56.domain > 82.53.151.158.32813: 64977+ [1a] [0q] (45)
23:51:54.262361 IP 208.28.230.28.40674 > 82.53.151.158.microsoft-ds: S 3830808558:3830808558(0) win 64512 <mss 1380,nop,nop,sackOK>
23:51:54.262403 IP 82.53.151.158.microsoft-ds > 208.28.230.28.40674: R 0:0(0) ack 3830808559 win 0
23:51:54.262641 IP 82.53.151.158.32815 > 80.21.7.56.domain: 37715+ PTR? 28.230.28.208.in-addr.arpa. (44)
23:51:54.301504 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 208.28.230.28 unreachable - admin prohibited filter
23:51:54.429425 IP 80.21.7.56.domain > 82.53.151.158.32815: 37715 NXDomain 0/1/0 (120)
23:51:57.059716 IP 82.53.151.158.32814 > 80.21.6.58.domain: 64977+ A? fedora.redhat.com. (35)
23:51:57.136378 IP 80.21.6.58.domain > 82.53.151.158.32814: 64977+ [1a] [0q] (45)
23:51:57.295538 IP 208.28.230.28.40674 > 82.53.151.158.microsoft-ds: S 3830808558:3830808558(0) win 64512 <mss 1380,nop,nop,sackOK>
23:51:57.295564 IP 82.53.151.158.microsoft-ds > 208.28.230.28.40674: R 0:0(0) ack 1 win 0
23:51:57.335439 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 208.28.230.28 unreachable - admin prohibited filter
23:52:00.156566 IP 194.109.221.21.56326 > 82.53.151.158.4662: S 3334071386:3334071386(0) win 65535 <mss 1412,nop,wscale 0,nop,nop,timestamp 2192487124 0>
23:52:00.156608 IP 82.53.151.158.4662 > 194.109.221.21.56326: R 0:0(0) ack 3334071387 win 0
23:52:00.156838 IP 82.53.151.158.32815 > 80.21.7.56.domain: 37716+ PTR? 21.221.109.194.in-addr.arpa. (45)
23:52:00.195514 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 194.109.221.21 unreachable - admin prohibited filter
23:52:00.324576 IP 80.21.7.56.domain > 82.53.151.158.32815: 37716 1/0/0 (77)
23:52:00.665606 IP 82.53.151.77.1860 > 82.53.151.158.microsoft-ds: S 865356270:865356270(0) win 16384 <mss 1412,nop,nop,sackOK>
23:52:00.665631 IP 82.53.151.158.microsoft-ds > 82.53.151.77.1860: R 0:0(0) ack 865356271 win 0
23:52:00.704490 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 82.53.151.77 unreachable - admin prohibited filter
23:52:00.930691 IP 82.53.144.160.4029 > 82.53.151.158.135: S 780828066:780828066(0) win 16384 <mss 1412,nop,nop,sackOK>
23:52:00.930732 IP 82.53.151.158.135 > 82.53.144.160.4029: R 0:0(0) ack 780828067 win 0
23:52:00.930946 IP 82.53.151.158.32815 > 80.21.7.56.domain: 37717+ PTR? 160.144.53.82.in-addr.arpa. (44)
23:52:00.992531 IP 80.21.7.56.domain > 82.53.151.158.32815: 37717 1/0/0 (94)
23:52:02.136168 IP 82.53.151.158.32815 > 80.21.7.56.domain: 17117+ AAAA? fedora.redhat.com. (35)
23:52:02.958661 IP 194.109.221.21.56326 > 82.53.151.158.4662: S 3334071386:3334071386(0) win 65535 <mss 1412,nop,wscale 0,nop,nop,timestamp 2192487129 0>
23:52:02.958686 IP 82.53.151.158.4662 > 194.109.221.21.56326: R 0:0(0) ack 1 win 0
23:52:02.997606 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 194.109.221.21 unreachable - admin prohibited filter
23:52:03.333668 IP 208.28.230.28.40674 > 82.53.151.158.microsoft-ds: S 3830808558:3830808558(0) win 64512 <mss 1380,nop,nop,sackOK>
23:52:03.333694 IP 82.53.151.158.microsoft-ds > 208.28.230.28.40674: R 0:0(0) ack 1 win 0
23:52:03.635760 IP 82.53.151.77.1860 > 82.53.151.158.microsoft-ds: S 865356270:865356270(0) win 16384 <mss 1412,nop,nop,sackOK>
23:52:03.635785 IP 82.53.151.158.microsoft-ds > 82.53.151.77.1860: R 0:0(0) ack 1 win 0
23:52:03.675637 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 82.53.151.77 unreachable - admin prohibited filter
23:52:03.929686 IP 82.53.144.160.4029 > 82.53.151.158.135: S 780828066:780828066(0) win 16384 <mss 1412,nop,nop,sackOK>
23:52:03.929711 IP 82.53.151.158.135 > 82.53.144.160.4029: R 0:0(0) ack 1 win 0
23:52:05.919752 IP 194.109.221.21.56326 > 82.53.151.158.4662: S 3334071386:3334071386(0) win 65535 <mss 1412,nop,wscale 0,nop,nop,timestamp 2192487135 0>
23:52:05.919778 IP 82.53.151.158.4662 > 194.109.221.21.56326: R 0:0(0) ack 1 win 0
23:52:05.957632 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 194.109.221.21 unreachable - admin prohibited filter
23:52:07.136206 IP 82.53.151.158.32816 > 80.21.6.58.domain: 17117+ AAAA? fedora.redhat.com. (35)
23:52:08.907887 IP 194.109.221.21.56326 > 82.53.151.158.4662: S 3334071386:3334071386(0) win 65535 <mss 1412>
23:52:08.907913 IP 82.53.151.158.4662 > 194.109.221.21.56326: R 0:0(0) ack 1 win 0
23:52:08.947719 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 194.109.221.21 unreachable - admin prohibited filter
23:52:09.705890 IP 82.53.151.77.1860 > 82.53.151.158.microsoft-ds: S 865356270:865356270(0) win 16384 <mss 1412,nop,nop,sackOK>
23:52:09.705914 IP 82.53.151.158.microsoft-ds > 82.53.151.77.1860: R 0:0(0) ack 1 win 0
23:52:09.745773 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 82.53.151.77 unreachable - admin prohibited filter
23:52:11.192822 IP 82.53.48.170.1384 > 82.53.151.158.microsoft-ds: S 1211941074:1211941074(0) win 16384 <mss 1412,nop,nop,sackOK>
23:52:11.192863 IP 82.53.151.158.microsoft-ds > 82.53.48.170.1384: R 0:0(0) ack 1211941075 win 0
23:52:11.193100 IP 82.53.151.158.32817 > 80.21.7.56.domain: 37718+ PTR? 170.48.53.82.in-addr.arpa. (43)
23:52:11.232182 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 82.53.48.170 unreachable - admin prohibited filter
23:52:11.256832 IP 80.21.7.56.domain > 82.53.151.158.32817: 37718 1/0/0 (92)
23:52:11.934906 IP 194.109.221.21.56326 > 82.53.151.158.4662: S 3334071386:3334071386(0) win 65535 <mss 1412>
23:52:11.934931 IP 82.53.151.158.4662 > 194.109.221.21.56326: R 0:0(0) ack 1 win 0
23:52:11.973803 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 194.109.221.21 unreachable - admin prohibited filter
23:52:12.136422 IP 82.53.151.158.32815 > 80.21.7.56.domain: 17117+ AAAA? fedora.redhat.com. (35)
23:52:14.136888 IP 82.53.48.170.1384 > 82.53.151.158.microsoft-ds: S 1211941074:1211941074(0) win 16384 <mss 1412,nop,nop,sackOK>
23:52:14.136914 IP 82.53.151.158.microsoft-ds > 82.53.48.170.1384: R 0:0(0) ack 1 win 0
23:52:14.176000 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 82.53.48.170 unreachable - admin prohibited filter
23:52:14.932953 IP 194.109.221.21.56326 > 82.53.151.158.4662: S 3334071386:3334071386(0) win 65535 <mss 1412>
23:52:14.932989 IP 82.53.151.158.4662 > 194.109.221.21.56326: R 0:0(0) ack 1 win 0
23:52:14.973063 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 194.109.221.21 unreachable - admin prohibited filter
23:52:17.136669 IP 82.53.151.158.32816 > 80.21.6.58.domain: 17117+ AAAA? fedora.redhat.com. (35)
23:52:20.921314 IP 194.109.221.21.56326 > 82.53.151.158.4662: S 3334071386:3334071386(0) win 65535 <mss 1412>
23:52:20.921339 IP 82.53.151.158.4662 > 194.109.221.21.56326: R 0:0(0) ack 1 win 0
23:52:20.960154 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 194.109.221.21 unreachable - admin prohibited filter
23:52:22.136956 IP 82.53.151.158.32817 > 80.21.7.56.domain: 17118+ AAAA? fedora.redhat.com. (35)
23:52:25.521236 IP 192.168.100.1 > 224.0.0.1: igmp query v2
23:52:27.137165 IP 82.53.151.158.32818 > 80.21.6.58.domain: 17118+ AAAA? fedora.redhat.com. (35)
23:52:32.137785 IP 82.53.151.158.32817 > 80.21.7.56.domain: 17118+ AAAA? fedora.redhat.com. (35)
23:52:32.948588 IP 194.109.221.21.56326 > 82.53.151.158.4662: S 3334071386:3334071386(0) win 65535 <mss 1412>
23:52:32.948614 IP 82.53.151.158.4662 > 194.109.221.21.56326: R 0:0(0) ack 1 win 0
23:52:32.987494 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 194.109.221.21 unreachable - admin prohibited filter
23:52:37.137701 IP 82.53.151.158.32818 > 80.21.6.58.domain: 17118+ AAAA? fedora.redhat.com. (35)
23:52:42.138521 IP 82.53.151.158.32818 > 80.21.7.56.domain: 17119+ A? fedora.redhat.com. (35)
23:52:42.180701 IP 80.21.7.56.domain > 82.53.151.158.32818: 17119+ [1a] [0q] (45)
23:52:47.180730 IP 82.53.151.158.32819 > 80.21.6.58.domain: 17119+ A? fedora.redhat.com. (35)
23:52:47.250810 IP 80.21.6.58.domain > 82.53.151.158.32819: 17119+ [1a] [0q] (45)
23:52:52.250326 IP 82.53.151.158.32818 > 80.21.7.56.domain: 17119+ A? fedora.redhat.com. (35)
23:52:52.292060 IP 80.21.7.56.domain > 82.53.151.158.32818: 17119+ [1a] [0q] (45)
23:52:57.291587 IP 82.53.151.158.32819 > 80.21.6.58.domain: 17119+ A? fedora.redhat.com. (35)
23:52:57.372233 IP 80.21.6.58.domain > 82.53.151.158.32819: 17119+ [1a] [0q] (45)
23:53:02.371825 IP 82.53.151.158.32819 > 80.21.7.56.domain: 17120+ A? fedora.redhat.com. (35)
23:53:02.414208 IP 80.21.7.56.domain > 82.53.151.158.32819: 17120+ [1a] [0q] (45)
23:53:02.594265 IP 82.53.149.48.4779 > 82.53.151.158.135: S 1511895157:1511895157(0) win 16384 <mss 1412,nop,nop,sackOK>
23:53:02.594307 IP 82.53.151.158.135 > 82.53.149.48.4779: R 0:0(0) ack 1511895158 win 0
23:53:02.594546 IP 82.53.151.158.32820 > 80.21.7.56.domain: 37719+ PTR? 48.149.53.82.in-addr.arpa. (43)
23:53:02.634609 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 82.53.149.48 unreachable - admin prohibited filter
23:53:02.641380 IP 80.21.7.56.domain > 82.53.151.158.32820: 37719 1/0/0 (92)
23:53:03.957313 IP 82.53.151.77.3539 > 82.53.151.158.microsoft-ds: S 1067339000:1067339000(0) win 16384 <mss 1412,nop,nop,sackOK>
23:53:03.957339 IP 82.53.151.158.microsoft-ds > 82.53.151.77.3539: R 0:0(0) ack 1067339001 win 0
23:53:03.996217 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 82.53.151.77 unreachable - admin prohibited filter
23:53:05.566447 IP 82.53.149.48.4779 > 82.53.151.158.135: S 1511895157:1511895157(0) win 16384 <mss 1412,nop,nop,sackOK>
23:53:05.566472 IP 82.53.151.158.135 > 82.53.149.48.4779: R 0:0(0) ack 1 win 0
23:53:05.606326 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 82.53.149.48 unreachable - admin prohibited filter
23:53:06.907524 IP 82.53.151.77.3539 > 82.53.151.158.microsoft-ds: S 1067339000:1067339000(0) win 16384 <mss 1412,nop,nop,sackOK>
23:53:06.907551 IP 82.53.151.158.microsoft-ds > 82.53.151.77.3539: R 0:0(0) ack 1 win 0
23:53:06.947356 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 82.53.151.77 unreachable - admin prohibited filter
23:53:07.414042 IP 82.53.151.158.32820 > 80.21.6.58.domain: 17120+ A? fedora.redhat.com. (35)
23:53:07.494403 IP 80.21.6.58.domain > 82.53.151.158.32820: 17120+ [1a] [0q] (45)
23:53:10.384474 IP 82.53.151.77.4469 > 82.53.151.158.microsoft-ds: S 1088524029:1088524029(0) win 16384 <mss 1412,nop,nop,sackOK>
23:53:10.384500 IP 82.53.151.158.microsoft-ds > 82.53.151.77.4469: R 0:0(0) ack 1088524030 win 0
23:53:10.423381 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 82.53.151.77 unreachable - admin prohibited filter
23:53:12.494290 IP 82.53.151.158.32819 > 80.21.7.56.domain: 17120+ A? fedora.redhat.com. (35)
23:53:12.536633 IP 80.21.7.56.domain > 82.53.151.158.32819: 17120+ [1a] [0q] (45)
23:53:12.942675 IP 82.53.151.77.3539 > 82.53.151.158.microsoft-ds: S 1067339000:1067339000(0) win 16384 <mss 1412,nop,nop,sackOK>
23:53:12.942701 IP 82.53.151.158.microsoft-ds > 82.53.151.77.3539: R 0:0(0) ack 1 win 0
23:53:12.981555 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 82.53.151.77 unreachable - admin prohibited filter
23:53:13.345498 IP 82.53.151.77.4469 > 82.53.151.158.microsoft-ds: S 1088524029:1088524029(0) win 16384 <mss 1412,nop,nop,sackOK>
23:53:13.345523 IP 82.53.151.158.microsoft-ds > 82.53.151.77.4469: R 0:0(0) ack 1 win 0
23:53:17.539240 IP 82.53.151.158.32820 > 80.21.6.58.domain: 17120+ A? fedora.redhat.com. (35)
23:53:17.597600 IP 80.21.6.58.domain > 82.53.151.158.32820: 17120+ [1a] [0q] (45)
23:53:19.411710 IP 82.53.151.77.4469 > 82.53.151.158.microsoft-ds: S 1088524029:1088524029(0) win 16384 <mss 1412,nop,nop,sackOK>
23:53:19.411735 IP 82.53.151.158.microsoft-ds > 82.53.151.77.4469: R 0:0(0) ack 1 win 0
23:53:19.451588 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 82.53.151.77 unreachable - admin prohibited filter
23:53:25.546918 IP 192.168.100.1 > 224.0.0.1: igmp query v2
On Thu, 2004-07-01 at 20:58, Florin Andrei wrote:
> On Thu, 2004-07-01 at 01:30, Andrea Giuliano wrote:
> > Dear all,
> >
> > trying to make my ADSL connection working, I ran across this suspicious
> > line in the output from "tcpdump -i ppp0":
> >
> > 23:50:26.876061 IP 192.168.100.1 > 82.53.151.158: icmp 36: host 217.144.248.190 unreachable - admin prohibited filter
> >
> > The output is full of such lines (you can see the whole output below).
> > What do they mean? Who's the admin? Myself on my local host or the admin
> > of the remote host (in other words, one of the ISP's admins)?
>
> What are those addresses that you mention?
>
> "admin prohibited filter" means that there's a firewall that blocks a
> connection, and it does that in the most user-friendly way possible: it
> send back an ICMP packet that means precisely that: the admin of that
> firewall doesn't want those packets to get through.
>
> It could be a firewall at the destination site.
> It could be a firewall in between.
> It could be iptables on your own Linux machine. :-)
> It all depends on what those IP addresses are.
>
> --
> Florin Andrei
>
> http://florin.myip.org/
--
Andrea Giuliano, Ph. D.
ICCU - Istituto Centrale per il Catalogo Unico
Viale Castro Pretorio 105, Rome - ITALY
Tel. +39064989509, Fax +39064059302
More information about the fedora-list
mailing list