From owner-freebsd-questions Tue Jul 17 11:20:48 2001 Delivered-To: freebsd-questions@freebsd.org Received: from cactus.fi.uba.ar (cactus.fi.uba.ar [157.92.49.108]) by hub.freebsd.org (Postfix) with ESMTP id F2B4137B403 for ; Tue, 17 Jul 2001 11:20:38 -0700 (PDT) (envelope-from fgleiser@cactus.fi.uba.ar) Received: from cactus.fi.uba.ar (cactus.fi.uba.ar [157.92.49.108]) by cactus.fi.uba.ar (8.11.3/8.9.3) with ESMTP id f6HIIZt99989; Tue, 17 Jul 2001 15:18:35 -0300 (ART) (envelope-from fgleiser@cactus.fi.uba.ar) Date: Tue, 17 Jul 2001 15:18:35 -0300 (ART) From: Fernando Gleiser To: Mark Livingstone Cc: Subject: Re: how could this PACKET get through?! In-Reply-To: <200107171815.OAA19997@mail.ottawa.com> Message-ID: <20010717151034.C96585-100000@cactus.fi.uba.ar> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, 17 Jul 2001, Mark Livingstone wrote: [snip] > > pass in log quick on ed0 proto icmp from any to any icmp-type 0 > pass in log quick on ed0 proto icmp from any to any icmp-type unreach code 3 > pass in log quick on ed0 proto icmp from any to any icmp-type unreach code 4 > pass in log quick on ed0 proto icmp from any to any icmp-type timex ^^^^^^^^ Here is: you allow incomming icmp time exeeded, and log it. The packet you received was a time exeeded in transit (11/0). Those seem the rules to make traceroute work. If you keep state on outgoing udp packets you won't need them, the state code can tell icmp packets which are responses to outgoing packets from icmp packets which aren't (because an icmp error has the first bytes of the packet which caused it). Fer To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message