From owner-freebsd-net Mon Aug 27 13:54:41 2001 Delivered-To: freebsd-net@freebsd.org Received: from niwun.pair.com (niwun.pair.com [209.68.2.70]) by hub.freebsd.org (Postfix) with SMTP id 0083637B407 for ; Mon, 27 Aug 2001 13:54:36 -0700 (PDT) (envelope-from silby@silby.com) Received: (qmail 98298 invoked by uid 3193); 27 Aug 2001 20:54:31 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 27 Aug 2001 20:54:31 -0000 Date: Mon, 27 Aug 2001 16:54:31 -0400 (EDT) From: Mike Silbersack X-Sender: To: Jesper Skriver Cc: Scott Renfro , Barney Wolff , , Jonathan Lemon , Bill Fenner , Cory Scott Subject: Re: Proposed change to icmp_may_rst induced ENETRESET In-Reply-To: <20010827150923.L55723@skriver.dk> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Mon, 27 Aug 2001, Jesper Skriver wrote: > On Thu, Aug 23, 2001 at 06:23:31PM -0700, Scott Renfro wrote: > > You have a valid point that icmp_may_rst changes nmap's behavior, even > > with the proposed patch. If you want nmap's historic behavior (admin > > prohib ==> filtered), then turning off icmp_may_rst works. With > > icmp_may_rst turned on and the patch commited, you get the other > > behavior (admin prohib ==> closed). Without the patch, nmap spews > > errors and would need a FreeBSD-specific change. > > I pretty much doesn't care, Jonathan, Bill, Mike what do you think ? > > /Jesper Seems best to have icmp admin-prohibited return what a RST would, just to be compatible with the widest range of apps, IMHO. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message