Date: Sat, 9 May 1998 13:02:36 -0700 (PDT) From: Doug White <dwhite@gdi.uoregon.edu> To: justin <marcus@ozramp.net.au> Cc: questions@FreeBSD.ORG Subject: Re: help - please :-) Message-ID: <Pine.BSF.3.96.980509130033.3051X-100000@gdi.uoregon.edu> In-Reply-To: <3553E4D1.2A0EC0C6@ozramp.net.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 9 May 1998, justin wrote: > i have my kernel setup for a firewall and all that but i was wondering > would this line block all icmp attacks like echo's and stuff > ipfw add 00001 deny icmp from any to 203.36.35.86 in icmptypes 8 via > tun0 > could you please tell me a few commands that would block from all types > icmp attacks, > also how do i no if its actualy stopping them ??? If you want to block ALL ICMP messages, remove the ``in icmptypes 8'' from the above rule. This blocks ALL ICMP messages, note -- including diagnostic messages like ``host unreachable''. If you want to know if they are working, then test. You can use tcpdump to help. Note that FreeBSD is immune to the Ping of Death if you're not running 2.2.5. 2.2.5 is vulnerable, but a patch is available. Doug White | University of Oregon Internet: dwhite@resnet.uoregon.edu | Residence Networking Assistant http://gladstone.uoregon.edu/~dwhite | Computer Science Major To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980509130033.3051X-100000>