On Sat, 2013-02-09 at 19:57 -0600, khatfi...@socllc.net wrote: > > Deny all ICMP (drop I mean)
Please DON'T do this. ICMP is a required part of the TCP/IP suite. It breaks Path MTU discovery, leading to oddball issues where some sites can't load graphics, some file transfers break, etc. It makes troubleshooting using traceroute not work. If you don't want to get pinged, then drop echo request/reply. But those are really pretty harmless. --Chris _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
