Date: Mon, 21 Aug 2000 19:26:13 -0600 From: Warner Losh <imp@village.org> To: Mipam <mipam@ibb.net> Cc: Jaroshenko Serge <jaroshenko@mail.ru>, William Wong <willwong@anime.ca>, freebsd-security@FreeBSD.ORG Subject: Re: icmptypes Message-ID: <200008220126.TAA42980@harmony.village.org> In-Reply-To: Your message of "Mon, 21 Aug 2000 13:17:59 %2B0200." <Pine.LNX.3.95.1000821131544.7312D-100000@ux1.ibb.net> References: <Pine.LNX.3.95.1000821131544.7312D-100000@ux1.ibb.net>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.LNX.3.95.1000821131544.7312D-100000@ux1.ibb.net> Mipam writes: : Okay, however, why not block in all icmp and let yourself be able to ping : to the outside. With state keeping you'll recieve the reply's. : Unless of course you wish ppl to ping you initially? DO NOT BLOCK ALL ICMP PACKETS. There, I'm done shouting. Blocking all ICMP packets breaks path mtu discovery. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200008220126.TAA42980>