Bug 1152 - The remote host answers to an ICMP timestamp request |AS-15702| Sarswatbank
Review Request #530 — Created Nov. 18, 2024 and submitted — Latest diff uploaded
| Information | |
|---|---|
| mmiriam | |
| APV10 | |
| rel_apv_10.7 | |
| 1152 | |
| Reviewers | |
| kdutta, prajesh, tanya | |
Bug 1152 - The remote host answers to an ICMP timestamp request. Added options in accesslist CLI of permit or deny icmp packet of type timestampreq or timestampreply
testcase1: (check dropped packets getting reflected)
webwall port2 on
show log b b -----> INFO 2024 Nov 13 13:15:09 WebWall: ICMP TYPE_13 SRC:192.168.162.89 DST:192.168.162.134 dropped┌──(root㉿admin)-[~]
└─# nping --icmp-type=13 192.168.162.134Starting Nping 0.7.94SVN ( https://nmap.org/nping ) at 2024-11-14 11:24 IST
SENT (0.0226s) ICMP [192.168.162.89 > 192.168.162.134 Timestamp request (type=13/code=0) id=28050 seq=1 orig=0 recv=0 trans=0] IP [ttl=64 id=40820 iplen=40 ]
SENT (1.0229s) ICMP [192.168.162.89 > 192.168.162.134 Timestamp request (type=13/code=0) id=28050 seq=2 orig=0 recv=0 trans=0] IP [ttl=64 id=40820 iplen=40 ]
SENT (2.0241s) ICMP [192.168.162.89 > 192.168.162.134 Timestamp request (type=13/code=0) id=28050 seq=3 orig=0 recv=0 trans=0] IP [ttl=64 id=40820 iplen=40 ]
SENT (3.0254s) ICMP [192.168.162.89 > 192.168.162.134 Timestamp request (type=13/code=0) id=28050 seq=4 orig=0 recv=0 trans=0] IP [ttl=64 id=40820 iplen=40 ]
SENT (4.0266s) ICMP [192.168.162.89 > 192.168.162.134 Timestamp request (type=13/code=0) id=28050 seq=5 orig=0 recv=0 trans=0] IP [ttl=64 id=40820 iplen=40 ]Max rtt: N/A | Min rtt: N/A | Avg rtt: N/A
Raw packets sent: 5 (200B) | Rcvd: 0 (0B) | Lost: 5 (100.00%)
Nping done: 1 IP address pinged in 5.06 secondstestcase2: (check icmp type 13 packets getting permited)
accessgroup 50 port2
accesslist permit icmp timestampreq 192.168.162.89 255.255.255.255 192.168.162.134 255.255.255.255 50
webwall port2 on┌──(root㉿admin)-[~]
└─# nping --icmp-type=13 192.168.162.134Starting Nping 0.7.94SVN ( https://nmap.org/nping ) at 2024-11-14 11:25 IST
SENT (0.0164s) ICMP [192.168.162.89 > 192.168.162.134 Timestamp request (type=13/code=0) id=45465 seq=1 orig=0 recv=0 trans=0] IP [ttl=64 id=1326 iplen=40 ]
RCVD (0.0172s) ICMP [192.168.162.134 > 192.168.162.89 Timestamp reply (type=14/code=0) id=45465 seq=1 orig=0 recv=19468277 trans=19468277] IP [ttl=64 id=11 iplen=40 ]
RCVD (0.0172s) ICMP [192.168.162.134 > 192.168.162.89 Timestamp reply (type=14/code=0) id=45465 seq=1 orig=0 recv=19468278 trans=19468278] IP [ttl=64 id=25622 iplen=40 ]
SENT (1.0174s) ICMP [192.168.162.89 > 192.168.162.134 Timestamp request (type=13/code=0) id=45465 seq=2 orig=0 recv=0 trans=0] IP [ttl=64 id=1326 iplen=40 ]
RCVD (1.0188s) ICMP [192.168.162.134 > 192.168.162.89 Timestamp reply (type=14/code=0) id=45465 seq=2 orig=0 recv=19469278 trans=19469278] IP [ttl=64 id=12 iplen=40 ]
RCVD (1.0188s) ICMP [192.168.162.134 > 192.168.162.89 Timestamp reply (type=14/code=0) id=45465 seq=2 orig=0 recv=19469279 trans=19469279] IP [ttl=64 id=25623 iplen=40 ]
SENT (2.0190s) ICMP [192.168.162.89 > 192.168.162.134 Timestamp request (type=13/code=0) id=45465 seq=3 orig=0 recv=0 trans=0] IP [ttl=64 id=1326 iplen=40 ]
RCVD (2.0197s) ICMP [192.168.162.134 > 192.168.162.89 Timestamp reply (type=14/code=0) id=45465 seq=3 orig=0 recv=19470280 trans=19470280] IP [ttl=64 id=13 iplen=40 ]
RCVD (2.0199s) ICMP [192.168.162.134 > 192.168.162.89 Timestamp reply (type=14/code=0) id=45465 seq=3 orig=0 recv=19470280 trans=19470280] IP [ttl=64 id=25624 iplen=40 ]
SENT (3.0210s) ICMP [192.168.162.89 > 192.168.162.134 Timestamp request (type=13/code=0) id=45465 seq=4 orig=0 recv=0 trans=0] IP [ttl=64 id=1326 iplen=40 ]
RCVD (3.2403s) ICMP [192.168.162.134 > 192.168.162.89 Timestamp reply (type=14/code=0) id=45465 seq=4 orig=0 recv=19471282 trans=19471282] IP [ttl=64 id=14 iplen=40 ]
RCVD (3.2403s) ICMP [192.168.162.134 > 192.168.162.89 Timestamp reply (type=14/code=0) id=45465 seq=4 orig=0 recv=19471282 trans=19471282] IP [ttl=64 id=25625 iplen=40 ]
SENT (4.0223s) ICMP [192.168.162.89 > 192.168.162.134 Timestamp request (type=13/code=0) id=45465 seq=5 orig=0 recv=0 trans=0] IP [ttl=64 id=1326 iplen=40 ]
RCVD (4.0232s) ICMP [192.168.162.134 > 192.168.162.89 Timestamp reply (type=14/code=0) id=45465 seq=5 orig=0 recv=19472283 trans=19472283] IP [ttl=64 id=15 iplen=40 ]Max rtt: 219.300ms | Min rtt: 0.597ms | Avg rtt: 49.449ms
Raw packets sent: 5 (200B) | Rcvd: 9 (414B) | Lost: 0 (0.00%)
Nping done: 1 IP address pinged in 4.05 seconds