So didnt take long for my "friends" to return...
Here is log of 12.5k icmp packets (target ip changed to 192.168.10.11): https://mega.nz/#!McVHzRab!jQuLn2jVpZY2H3nIkcar1WpmUszxL1qbR6KJMUHaRJI
And here are iptables counters:
89484 5270K ACCEPT icmp -- bond2.13 * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 14276 977K LOG icmp -- bond2.13 * 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 LOG flags 0 level 4 prefix `PING-DROP:' 578K 40M DROP icmp -- bond2.13 * 0.0.0.0/0 0.0.0.0/0 Will check with my network guys if we have uRPF running on routers.
Anything else that can be done to prevent shit like this??
[link][1 comment]