Subject: Re: IPF Configuration
To: None <netbsd-help@NetBSD.org>
From: Diana Eichert <deichert@wrench.com>
List: netbsd-help
Date: 11/01/2003 11:27:35
Something is trying to connect to udp port 500, you're not running
isakmpd, so nothing is listening on 500, so an icmp "host unreachable"
packet gets sent out.  Put an explicit block statement for udp port 500
to drop the packet.

I missed the first part of your posting, so I don't have the entire thread.



On Sat, 1 Nov 2003, Richard wrote:

> Hi
> 
> Looking further into my own logs and running ipmon I can see the 
> following on the screen in front of me........
> 
> 01/11/2003 17:45:15 619700 ippp0 @3 p 194.247.49.58 -> 194.247.41.11 
> PR icmp len 20 56 icmp unreach/port for 194.247.41.11,500 - 
> 194.247.49.58,500 PR udp len 20 29 OUT
> 
> 
> Wasn't quite sure what port 500 was and so I had a look at 
> /etc/services.  Turns out it's IP Sec key management.  I'm not using 
> IP Sec on this box or any other. Any explanation for what this 
> might be about? I've already included the ICMP allow part of the ipf 
> conf that was mentioned earlier.  Any suggestions for solving it might 
> be good since the connection goes up and stays established once it's 
> got a hold.  Not good for paying the bills :)
> 
> Thanks
> 
> 
> 
> -- 
> Richard
> 



To announce that there must be no criticism of the president,
or that we are to stand by the president, right or wrong, is not
only unpatriotic and servile, but is morally treasonable to 
the American public.  - Theodore Roosevelt(1918)

For PGP Public key
http://www.swcp.com/~deichert/pgp_public_key.txt
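
The following is an added example, not part of the original messages. It parses ipmon output like the entry quoted above, finds outbound ICMP port-unreachable replies, and reports which inbound port provoked them. The function names and the generated rule text (`block in quick on ...`) are this example's own choices, and the second log entry is constructed.

```python
import re
from collections import Counter

# First entry: the ipmon line quoted in the thread (wrapped over three lines).
# Second entry: constructed TCP traffic that must be ignored.
SAMPLE_LOG = """\
01/11/2003 17:45:15 619700 ippp0 @3 p 194.247.49.58 -> 194.247.41.11
PR icmp len 20 56 icmp unreach/port for 194.247.41.11,500 -
194.247.49.58,500 PR udp len 20 29 OUT
01/11/2003 17:46:02 104233 ippp0 @5 p 192.0.2.10,1025 -> 192.0.2.20,80 PR tcp len 20 60 -S OUT
"""

# An ICMP unreach/port entry embeds the addresses and ports of the packet
# that triggered it: "for <orig src>,<port> - <orig dst>,<port> PR <proto>".
UNREACH = re.compile(
    r"(?<!\S)(?P<ifname>\S+) @\S+ \S+ (?P<src>[\d.]+) -> (?P<dst>[\d.]+) "
    r"PR icmp len \d+ \d+ icmp unreach/port for "
    r"(?P<osrc>[\d.]+),(?P<osport>\d+) - (?P<odst>[\d.]+),(?P<odport>\d+) "
    r"PR (?P<oproto>\w+) len \d+ \d+ (?P<dir>IN|OUT)"
)

def provoked_unreachables(log_text):
    """Count outbound port-unreachable replies per (interface, proto, port)."""
    flat = " ".join(log_text.split())  # undo line wrapping
    hits = Counter()
    for m in UNREACH.finditer(flat):
        # Keep only replies we sent back to the sender of the original packet.
        if m["dir"] != "OUT" or m["dst"] != m["osrc"]:
            continue
        hits[(m["ifname"], m["oproto"], int(m["odport"]))] += 1
    return hits

def ipf_block_rules(hits):
    """Render one explicit inbound block rule per closed port being probed."""
    return [
        f"block in quick on {ifname} proto {proto} from any to any port = {port}"
        for (ifname, proto, port) in sorted(hits)
    ]

if __name__ == "__main__":
    for rule in ipf_block_rules(provoked_unreachables(SAMPLE_LOG)):
        print(rule)
```

A packet dropped by such a rule never reaches the UDP stack, so no ICMP reply is generated for it.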