[Shorewall-users] Three way ICMP ?

Bill.Light at kp.org Bill.Light at kp.org
Tue Dec 2 13:57:09 PST 2003

On Tue, 2003-12-02 at 12:47, Tom Eastep wrote:

> You can eliminate these annoying messages by adding this to your
> /etc/shorewall/start file:
> run_iptables -I OUTPUT 3 -p icmp -j ACCEPT

Or, more conventionally, by adding this rule:

                 ACCEPT          $FW             net             icmp



Done - We'll see what happens...

Thanks for the quick response!

Also - apparently I added to the "New Actions" thread and it got lost....

To add my 2 cents....The comment on the same line of a blacklist entry 
would be nice...i.e the IP address and what they did (or why I put it 

example - something like:    ; This joker keeps trying the old senmail exploit 


# This next joker keeps trying the old sendmail exploit  23-Nov-2003

I know it's a nit....and certainly no showstopper.

- Bill

More information about the Shorewall-users mailing list