From owner-freebsd-net  Tue Jun  2 01:48:48 1998
Return-Path: <owner-freebsd-net@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id BAA15753
          for freebsd-net-outgoing; Tue, 2 Jun 1998 01:48:48 -0700 (PDT)
          (envelope-from owner-freebsd-net@FreeBSD.ORG)
Received: from mail.ftf.dk (mail.ftf.dk [129.142.64.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id BAA15739
          for <freebsd-net@FreeBSD.ORG>; Tue, 2 Jun 1998 01:48:43 -0700 (PDT)
          (envelope-from regnauld@deepo.prosa.dk)
Received: from mail.prosa.dk ([192.168.100.2])
	by mail.ftf.dk (8.8.8/8.8.8/gw-ftf-1.0) with ESMTP id KAA10891;
	Tue, 2 Jun 1998 10:48:38 +0200 (CEST)
	(envelope-from regnauld@deepo.prosa.dk)
X-Authentication-Warning: mail.ftf.dk: Host [192.168.100.2] claimed to be mail.prosa.dk
Received: from deepo.prosa.dk (deepo.prosa.dk [192.168.100.10])
	by mail.prosa.dk (8.8.5/8.8.5/prosa-1.1) with ESMTP id KAA19774;
	Tue, 2 Jun 1998 10:49:47 +0200 (CEST)
Received: (from regnauld@localhost)
	by deepo.prosa.dk (8.8.8/8.8.5/prosa-1.1) id KAA17083;
	Tue, 2 Jun 1998 10:47:41 +0200 (CEST)
Message-ID: <19980602104741.35998@deepo.prosa.dk>
Date: Tue, 2 Jun 1998 10:47:41 +0200
From: Philippe Regnauld <regnauld@deepo.prosa.dk>
To: Bill Fenner <fenner@parc.xerox.com>
Cc: freebsd-net@FreeBSD.ORG
Subject: Re: ipfw & icmp question
References: <19980530234807.14632@deepo.prosa.dk> <199806020335.UAA08380@mango.parc.xerox.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Mailer: Mutt 0.88e
In-Reply-To: <199806020335.UAA08380@mango.parc.xerox.com>; from Bill Fenner on Mon, Jun 01, 1998 at 08:35:40PM -0700
X-Operating-System: FreeBSD 2.2.6-RELEASE i386
Organization: PROSA
Sender: owner-freebsd-net@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Bill Fenner writes:
> Most TCP stacks ignore ICMP TCP port unraechable errors.  You
> need to configure ipfw to send a TCP RST instead.

	That did the trick, thanks!

	Though it's a bit of a PITA, since there is no RESET option
	in ipfw < 2.2.5, and I have several machines running
	2.2.[1,2]

-- 
 -[ Philippe Regnauld / sysadmin / regnauld@deepo.prosa.dk / +55.4N +11.3E ]-
     «Pluto placed his bad dog at the entrance of Hades to keep the dead
      IN and the living  OUT!  The archetypical corporate firewall?»
                                                       - S. Kelly Bootle

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message