RE: ICMP Rule Problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The answer lies within RFC 1122 which states "that an ICMP error message
should not be sent as the result of receiving another ICMP error message."
However, An ICMP message can be sent in response to an ICMP query message,
which is what an echo request is, and is the source of the question that
started this thread. 

-----Original Message-----
From: netfilter-admin@xxxxxxxxxxxxxxxxxxx
[mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx] On Behalf Of Kiran Kumar
Sent: Tuesday, February 03, 2004 5:24 AM
To: Netfilter Mailing List
Subject: Re: ICMP Rule Problem

--- Antony Stone <Antony@xxxxxxxxxxxxxxxxxxxx> wrote:
> Never mind that, you're not allowed to respond to ICMP packets with 
> ICMP errors.
> 
> See RFC792 page 1.

  Wrong. You are not allowed to respond to ICMP _errors_ with ICMP errors,
what else does ping mean by giving error messages like "Destination Host
Unreachable" ?.


=====
Regards,
Kiran Kumar Immidi

__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free web site building tool. Try it!
http://webhosting.yahoo.com/ps/sb/




[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux