RE: Tcpdump: "admin prohibited filter"

[Yang Xiao <yxiao ohpp com>]

> -----Original Message-----
> From: Andrea Giuliano [mailto:a giuliano iccu sbn it] 
> Sent: Thursday, July 01, 2004 4:30 AM
> To: For users of Fedora Core releases
> Subject: Tcpdump: "admin prohibited filter"
> 
> 
> Dear all,
> 
> trying to make my ADSL connection working, I ran across this 
> suspicious line in the output from  "tcpdump -i ppp0":
> 
> 23:50:26.876061 IP 192.168.100.1 > 82.53.151.158: icmp 36: 
> host 217.144.248.190 unreachable - admin prohibited filter
> 
> The output is full of such lines (you can see the whole 
> output below). What do they mean? Who's the admin? Myself on 
> my local host or the admin of the remote host (in other 
> words, one of the ISP's admins)?
> 
> Since I simply cannot use the connection, even it seems to be 
> up and running, I was wondering if this messages could hide 
> the actual cause of my problems: maybe my ISP has made some 
> changes that prevent me from use the line effectively?
> 
> Please note the following:
> 
> 1) I only had the connection working for one day, June 21, on FC1.
> 2) On June 22 I upgraded to FC2, and the connection became 
> slow, but still working.
> 3) Since June 23, the connection is definitely useless. No 
> host can be reached, not even the DNS server of my ISP, as 
> listed in the syslog after the ppp0 interface has come up.
> 
> Best regards.
> 
> -- 
> Andrea Giuliano, Ph. D.
> ICCU - Istituto Centrale per il Catalogo Unico
> Viale Castro Pretorio 105, Rome - ITALY
> Tel. +39064989509, Fax +39064059302
Hi,
The message means there's some sort of firewall, IP filtering setup
somewhere along the way from your host to the destination for ICMP messages,
such as a IPTABLES rule to block ICMP traffic, nothing suspicious.
You can test this by setup IPTABLES port filtering on one host and do a
tcpdump from another host, try access the port at the same time, you will
see similar messages.
Yang