From owner-freebsd-isp@FreeBSD.ORG  Mon Aug 25 06:51:16 2003
Return-Path: <owner-freebsd-isp@FreeBSD.ORG>
Delivered-To: freebsd-isp@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 71A4316A4BF
	for <freebsd-isp@freebsd.org>; Mon, 25 Aug 2003 06:51:16 -0700 (PDT)
Received: from mail.sandvine.com (sandvine.com [199.243.201.138])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C2B6F43FA3
	for <freebsd-isp@freebsd.org>; Mon, 25 Aug 2003 06:51:15 -0700 (PDT)
	(envelope-from don@sandvine.com)
Received: by mail.sandvine.com with Internet Mail Service (5.5.2653.19)
	id <RL8TTDFS>; Mon, 25 Aug 2003 09:51:11 -0400
Message-ID: <FE045D4D9F7AED4CBFF1B3B813C85337027424B8@mail.sandvine.com>
From: Don Bowman <don@sandvine.com>
To: 'User Ernie' <ernie@spooky.eis.net.au>,
	Don Bowman <don@sandvine.com>
Date: Mon, 25 Aug 2003 09:51:05 -0400
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2653.19)
Content-Type: text/plain;
	charset="iso-8859-1"
cc: freebsd-isp@freebsd.org
Subject: RE: Blocking Virus ICMP flood
X-BeenThere: freebsd-isp@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Internet Services Providers <freebsd-isp.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-isp>,
	<mailto:freebsd-isp-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-isp>
List-Post: <mailto:freebsd-isp@freebsd.org>
List-Help: <mailto:freebsd-isp-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-isp>,
	<mailto:freebsd-isp-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 25 Aug 2003 13:51:16 -0000

> From: User Ernie [mailto:ernie@spooky.eis.net.au]
> [ Charset ISO-8859-1 unsupported, converting... ]
> > > From: User Ernie [mailto:ernie@spooky.eis.net.au]
> > > 
> > > Does anyone know if ipfw can do someting similar to:
> > > 
> > >  deny icmp any any echo tos min-delay
> > > 
> > > Which is the Cisco command I use to try and limit the flood 
> > > style icmp traffic from the
> > > recent Internet viruses.
> > > 
> > > - Ernie.
> > 
> > ipfw add deny icmp from any to any icmptypes 0,8  iptos lowdelay
> > 
> I tried that but it gives me the following error:
> 
> ipfw: unknown or out of order argument `iptos''
> 
> 
> Does it depend on FreeBSD version? I am running 4.8-STABLE

I have IPFW2 option enabled, that may be required.