From owner-freebsd-net  Mon Mar 18 11:28:59 2002
Delivered-To: freebsd-net@freebsd.org
Received: from rack.purplecat.net (rack.purplecat.net [208.133.44.46])
	by hub.freebsd.org (Postfix) with ESMTP id 2764A37B404
	for <freebsd-net@freebsd.org>; Mon, 18 Mar 2002 11:28:42 -0800 (PST)
Received: (qmail 8376 invoked from network); 18 Mar 2002 19:28:41 -0000
Received: from unknown (HELO lap) (208.150.26.35)
  by rack.purplecat.net with SMTP; 18 Mar 2002 19:28:41 -0000
From: "Peter Brezny" <pbrezny@purplecat.net>
To: <freebsd-net@freebsd.org>
Subject: icmp 5
Date: Mon, 18 Mar 2002 14:33:34 -0500
Message-ID: <HDEBKOFAJCKIJIDMEINCKEBFELAA.pbrezny@purplecat.net>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.3018.1300
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-net.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-net>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-net>
X-Loop: FreeBSD.org

Hi Everyone,

Where can i find an explanation of the different icmp types.

I ran across some standard firewall rulesets that say these types are
required:
#       Allow required ICMP
        $fwcmd add allow icmp from any to any icmptypes 3,4,11,12 keep-state

And now I've got a cisco router that's wanting a response from an icmp type
5.

What is type 5 for, and where can i get some more info on the different
types in an icmp packet.

Well, I just partly answered my question with a quick google search for icmp
type

http://www.iana.org/assignments/icmp-parameters


However, I'm still needing some more info.  Why would my router be sending
redirect ICMP info to this host?

And are the required ICMP types in the firewall rule above really adequate?

Here's what's showing up in the system report:
> ipfw: 65435 Deny ICMP:5.0 router.ip.address host.ip.adress in via xl0

Where the host has only the following icmp types allowed.

#       Allow required ICMP
        $fwcmd add allow icmp from any to any icmptypes 3,4,11,12 keep-state

Thanks,

Peter Brezny
purplecat.net


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message