James wrote:
Where would the ICMP go anyway because you either don�t have a route to where you would point the packet to or the route points to null.
uRPF should not emit an ICMP when it drops a -reject route. Even with ip unreachables, Cisco won't emit ICMP when uRPF is killing a packet. The source
that triggered uRPF drop condition cannot be trusted as it may have spoofed the
packet.
Pete
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
