> Date: Wed, 20 Oct 2010 07:00:07 +0200
> From: shachar A T shemesh DOT biz
> Subject: Re: Are ICMP packets not important for a hosted machine?
>
> In general, some ICMP messages are entirely benign (type 8 - echo
> request or type 11 - time exceeded), some are required (type 3 -
> destination unreachable, of which blocking code 4 causes the PMTU black
> hole syndrome discussed above), some are dangerous (type 5), and some
> are both (type 4 - source quench). I have to admit setting up a
> firewall regarding ICMPs is not an easy task.
>
> Shachar
>
Will net.ipv4.conf.all.accept_redirects=0 override type 5 packet?
Do modern stacks handle type 4 - source quench - much better?
_______________________________________________
Linux-il mailing list
Linux-il@cs.huji.ac.il
http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
