Date: Wed, 23 Aug 2000 02:35:02 -0400 (EDT) From: Mike Nowlin <mike@argos.org> To: Warner Losh <imp@village.org> Cc: William Wong <willwong@anime.ca>, freebsd-security@FreeBSD.ORG Subject: Re: icmptypes Message-ID: <Pine.LNX.4.21.0008230230400.4338-100000@jason.argos.org> In-Reply-To: <200008220128.TAA43045@harmony.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
> For ICMP packets, drop them on the floor, but make sure that you have
> the path mtu types enabled.
>
> Warner
Mebbe we should put in something into the kernel that always lets those
packets through...
(Just kidding... :) )
Actually, maybe a warning message (with a sysctl knob to turn it off) that
gets triggered when these packets are blocked by ipfw & friends might not
be a completely horrible idea. If people start seeing "this is
dumb" messages show up, they'll probably ask "Why?".
Enlightenment for the masses.
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Understated/funny man-page sentence of the current time period:
From route(4) on FreeBSD-3.4, DESCRIPTION section:
"FreeBSD provides some packet routing facilities."
...duh.......
Mike Nowlin, N8NVW mike@argos.org http://www.viewsnet.com
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.21.0008230230400.4338-100000>