Date: Fri, 01 Aug 2003 09:07:35 -0700 From: Michael Sierchio <kudzu@tenebras.com> To: =?ISO-8859-1?Q?Sten_Daniel_S=F8rsdal?= <sten.daniel.sorsdal@wan.no> Cc: freebsd-ipfw@freebsd.org Subject: Re: Suggestion regarding a new option for IPFW2 Message-ID: <3F2A9047.9030808@tenebras.com> In-Reply-To: <0AF1BBDF1218F14E9B4CCE414744E70F1F3E26@exchange.wanglobal.net> References: <0AF1BBDF1218F14E9B4CCE414744E70F1F3E26@exchange.wanglobal.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Sten Daniel Sørsdal wrote: > I dont see how one could divert unreach host messages when unreach > host drops the message? > It is the error messages generated by IPFW that i am referring to, > in case that was unclear. You want the source of a an 'unreach' message to be rewritten with the destination of the offending packet? So, a parameter to 'unreach' or 'reset' which is an IP address, and could take the keyword "dest" or something like that? ipfw add unreach host-prohib ip from any to any auth src-alias 10.0.0.1 or ipfw add unreach host-prohib ip from any to any auth src-alias target
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F2A9047.9030808>