On 2007/04/26 01:01, chefren wrote: > Although it's not well known TCP seriously depends on ICMP packets of > type 3 code 4 for "Path MTU Discovery" (PTMTUD). Blocking of these > packets lead to congested IP connections, broken transmissions and thus > to frustrated users.
for PF, 'keep state' on the TCP rule (default in 4.1) does the right thing and matches the appropriate ICMP messages as well.
