Date: Fri, 1 Aug 2003 18:32:05 +0200 From: =?iso-8859-1?Q?Sten_Daniel_S=F8rsdal?= <sten.daniel.sorsdal@wan.no> To: "Michael Sierchio" <kudzu@tenebras.com> Cc: freebsd-ipfw@freebsd.org Subject: RE: Suggestion regarding a new option for IPFW2 Message-ID: <0AF1BBDF1218F14E9B4CCE414744E70F1F3E28@exchange.wanglobal.net>
next in thread | raw e-mail | index | archive | help
> > I dont see how one could divert unreach host messages when unreach > > host drops the message? > > It is the error messages generated by IPFW that i am referring to, > > in case that was unclear. > > You want the source of a an 'unreach' message to be rewritten > with the destination of the offending packet? So, a parameter > to 'unreach' or 'reset' which is an IP address, and could take > the keyword "dest" or something like that? > > ipfw add unreach host-prohib ip from any to any auth > src-alias 10.0.0.1 > > or > > ipfw add unreach host-prohib ip from any to any auth src-alias target > Yes, like that. - Sten
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?0AF1BBDF1218F14E9B4CCE414744E70F1F3E28>