From owner-freebsd-hackers@FreeBSD.ORG  Tue Jul  8 03:19:10 2003
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Delivered-To: freebsd-hackers@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 6898237B401
	for <hackers@freebsd.org>; Tue,  8 Jul 2003 03:19:10 -0700 (PDT)
Received: from stork.mail.pas.earthlink.net (stork.mail.pas.earthlink.net
	[207.217.120.188])
	by mx1.FreeBSD.org (Postfix) with ESMTP id D7BA743FB1
	for <hackers@freebsd.org>; Tue,  8 Jul 2003 03:19:09 -0700 (PDT)
	(envelope-from tlambert2@mindspring.com)
Received: from user-38lc01p.dialup.mindspring.com ([209.86.0.57]
	helo=mindspring.com)
	by stork.mail.pas.earthlink.net with asmtp (SSLv3:RC4-MD5:128)
	(Exim 3.33 #1)	id 19ZpYP-0001iC-00; Tue, 08 Jul 2003 03:18:34 -0700
Message-ID: <3F0A9A1C.25E6EB35@mindspring.com>
Date: Tue, 08 Jul 2003 03:17:00 -0700
From: Terry Lambert <tlambert2@mindspring.com>
X-Mailer: Mozilla 4.79 [en] (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: Socketd <db@traceroute.dk>
References: <20030707012205.3103dfc8.db@traceroute.dk>
	<20030707180252.44036c61.db@traceroute.dk>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-ELNK-Trace: b1a02af9316fbb217a47c185c03b154d40683398e744b8a4a4a835edb01d7fed58517baf058fd0f3350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c
cc: hackers@freebsd.org
cc: Toni Andjelkovic <toni@soth.at>
Subject: Re: 5 "Advanced" networking questions
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 08 Jul 2003 10:19:10 -0000

Socketd wrote:
> Ok, anyway to prevent sending ICMP's when ttl = 0? Or do I need a
> firewall?

I guess you want to do this so that you can break path MTU
discovery and fail to properly exchange packets with the DF
bit set in the headers, and which don't take into account
intermediate links with smaller MTUs, like VPNs or PPPOE
links?

What exactly are you getting from disabling ICMP, besides a
broken network connection to some systems you may wish to be
able to exchange packets with?

-- Terry