Date: Wed, 20 Aug 2008 20:23:26 +0200 From: Nicolas KARP <nicolaskarp@freE.fr> To: Leslie Jensen <leslie@eskk.nu> Cc: freebsd-pf@freebsd.org Subject: Re: Question about icmp Message-ID: <48AC611E.60007@freE.fr> In-Reply-To: <48AC53BC.8040003@eskk.nu> References: <48AC53BC.8040003@eskk.nu>
next in thread | previous in thread | raw e-mail | index | archive | help
Leslie Jensen a écrit : > > When setting up PF I found the recommendation to use the following > rule to allow ICMP to pass. > > # macros > icmp_types="echoreq" > > # filter rules > pass in inet proto icmp all icmp-type $icmp_types keep state > > I do not understand why this is necessary! > > Will someone Please explain to me why it's necessary if I must have > it, or if I can delete that rule. > > Thanks > > /Leslie > _______________________________________________ > freebsd-pf@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-pf > To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" Hi, Fo my mind, it's just an example.. So,you can delete that rule if you don't want to permit the ping request :) You must add an ICMP rule if you are using PMTU discovery ! Bye, Nicos.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?48AC611E.60007>