Glynn Clements wrote: > Personally I suggest allowing the following ICMP types: > > 0 Echo Reply > 3 Destination Unreachable > 11 Time Exceeded > 12 Parameter Problem > > and dropping the rest (you must allow ICMP type 3). Why must type 3 be allowed? Wouldn't it make it harder to do portscans and similar things, if one drops all outgoing "Destination Unreachable" packets? Regards, Anders K. Pedersen - To unsubscribe from this list: send the line "unsubscribe linux-net" in the body of a message to [EMAIL PROTECTED]
- ICMP: Source quench? Ralf G. R. Bergs
- Re: ICMP: Source quench? Glynn Clements
- Re: ICMP: Source quench? Anders K. Pedersen
- Re: ICMP: Source quench? Alan Cox
- Re: ICMP: Source quench? Ralf G. R. Bergs
- Re: ICMP: Source quench? Alan Cox
- Re: ICMP: Source quench? Glynn Clements
- Re: ICMP: Source quench? Ralf G. R. Bergs
- Re: ICMP: Source quench? Michael H. Warfield
- Re: ICMP: Source quench? Miquel van Smoorenburg
- Re: ICMP: Source quench? Glynn Clements
- Re: ICMP: Source quench? Miquel van Smoorenburg
- Re: Source quench? Ahsan Ali
