> They will? Is that specific to 'icmp dst port'? I thought routers > between the source and the destination could return ICMP errors with > their IP address if there is not route or such... Well, the normal scenario is this: A sends a packet to B to a closed port B sends imcp dest port unreach. The icmp dest port unreach has: source: B, dest: A, and as the payload 64 bytes (in case of linux) of the offending packets (there we see that A send that packet to B to a closed port)
The NEW scenario is this: A sends a packet to B to a closed port B sends icmp and changes the IP to a fake one. A receives the icmp, and says: hey, i did not send packets to 'fake IP', this is a mistake-->DROP or is it not this way?
