cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

TG528n router firewall message

Townman
Superuser
Superuser
Posts: 22,980
Thanks: 9,580
Fixes: 159
Registered: ‎22-08-2007

TG528n router firewall message

‎10-02-2014 10:37 AM

Found this in the logs this morning...
Quote
Feb 10 05:09:56 FIREWALL icmp check (1 of 1): Protocol: ICMP Src ip: 198.27.85.44 Dst ip: 80.229.my.ip Type: Destination Unreachable Code: Communication with Destination Host is Administratively Prohibited

Can anyone tell me what this means please?
Clearly this message has reached its destination (my IP address), so the destination has been reached, but what administrative configuration is blocking the connection?
Not worried, just want to understand the messages!

In another browser tab, login into the Plusnet user portal BEFORE clicking the fault & ticket links

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

If this post helped, please click the Thumbs Up and if it fixed your issue, please click the This fixed my problem green button below.

Message 1 of 3
(874 Views)
0 Thanks
2 REPLIES 2
ejs
Aspiring Hero
Posts: 5,442
Thanks: 631
Fixes: 25
Registered: ‎10-06-2010

Re: TG528n router firewall message

‎10-02-2014 12:58 PM

The log message just lists some of the details contained in the ICMP packet. It was an ICMP packet of type "Destination Unreachable" and contained the reason code number for "Communication with Destination Host is Administratively Prohibited" See http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol#Destination_unreachable
The ICMP packet probably contained further details, which are not given in the log messages (details which are essential to match the packet to an outgoing connection). The router would be expecting to receive an ICMP destination unreachable packet that corresponds to an outgoing packet. But anyone could create and send an ICMP destination unreachable packet, which the router will ignore or write an unhelpful log message about, if there was no outgoing packet that could have resulted in that ICMP destination unreachable packet being received.
Message 2 of 3
(441 Views)
0 Thanks
Townman
Superuser
Superuser
Posts: 22,980
Thanks: 9,580
Fixes: 159
Registered: ‎22-08-2007

Re: TG528n router firewall message

‎10-02-2014 1:17 PM

Ejs,
Thank you for the information.  So in short, someone s spoofing replies to messages which were never set.
Cheers,
Kevin

In another browser tab, login into the Plusnet user portal BEFORE clicking the fault & ticket links

Superusers are not staff, but they do have a direct line of communication into the business in order to raise issues, concerns and feedback from the community.

If this post helped, please click the Thumbs Up and if it fixed your issue, please click the This fixed my problem green button below.

Message 3 of 3
(441 Views)
0 Thanks