Date: Sat, 02 Feb 2002 22:03:08 +0100 From: "Rogier R. Mulhuijzen" <drwilco@drwilco.net> To: "R.P. Aditya" <aditya@grot.org> Cc: Shaun Jurrens <shaun@shamz.net>, freebsd-net@FreeBSD.ORG, Alexey Luckyanchikov <alexl@alkar.net> Subject: Re: Weird path MTU autodiscovery problem in 4.5-RELEASE Message-ID: <5.1.0.14.0.20020202215924.01b9e248@mail.drwilco.net> In-Reply-To: <20020202200729.GA22083@mighty.grot.org> References: <5.1.0.14.0.20020202202155.01b9e390@mail.drwilco.net> <20020202191943.B65253@atreides.freenix.no> <5.1.0.14.0.20020202202155.01b9e390@mail.drwilco.net>
next in thread | previous in thread | raw e-mail | index | archive | help
At 12:07 2-2-2002 -0800, R.P. Aditya wrote:
>On Sat, Feb 02, 2002 at 08:32:49PM +0100, Rogier R. Mulhuijzen wrote:
> > ICMP is an IP protocol, if the very first rule in IPFW is 'allow ip from
> > any to any' then ICMP is allowed.
>
>uh, that might be ipfw-speak (I don't use or pretend to know ipfw) but ICMP is
>NOT "part" of IP (that would defeat the whole purpose of using it as a control
>protocol for IP). Look at /etc/protocols:
>
>ip 0 IP # internet protocol, pseudo protocol number
>icmp 1 ICMP # internet control message protocol
1) /etc/protocols to my knowledge lists IP-protocols... note that 0 is a
PSEUDO protocol number. TCP and UDP are listed further down, those are IP
protocols. IPv6 that's listed there is 6over4 packets to my knowledge.
2) Even if this were not the case, in IPFW if you allow ip, you allow all.
'all' is nothing but an alias for 'ip'
Doc
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.0.20020202215924.01b9e248>