2.4.0 firewalling code: reject with type 3 code 13

From: Frank van Maarseveen (F.vanMaarseveen@inter.NL.net)
Date: Sat Jul 22 2000 - 14:12:47 EST

Next message: Karen Shaeffer: "Re: Butting in.. (Was: scsi-destroyer.c to come...)"
Previous message: Khimenko Victor: "Re: Direct access to hardware"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Is there any reason why we should not reject incoming TCP/UDP/ICMP (echo request)
packets with ICMP type 3 (destination unreachable) code 13?

communication administratively prohibited by filtering

I was suprised by a machine on the internet doing so and couldn't adapt
my shields^H^H^H^H^H^H^Hfirewall rules with iptables in a similar way. Both
iptables (--reject-with option) and the kernel need to be updated for this to
work.

-- Frank

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/

Next message: Karen Shaeffer: "Re: Butting in.. (Was: scsi-destroyer.c to come...)"
Previous message: Khimenko Victor: "Re: Direct access to hardware"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sun Jul 23 2000 - 21:00:19 EST