From owner-freebsd-ipfw Tue Sep 21 9:17:52 1999 Delivered-To: freebsd-ipfw@freebsd.org Received: from gndrsh.dnsmgr.net (GndRsh.dnsmgr.net [198.145.92.4]) by hub.freebsd.org (Postfix) with ESMTP id 402A414E47 for ; Tue, 21 Sep 1999 09:17:44 -0700 (PDT) (envelope-from rgrimes@gndrsh.dnsmgr.net) Received: (from rgrimes@localhost) by gndrsh.dnsmgr.net (8.9.3/8.9.3) id JAA63174; Tue, 21 Sep 1999 09:16:21 -0700 (PDT) (envelope-from rgrimes) From: "Rodney W. Grimes" Message-Id: <199909211616.JAA63174@gndrsh.dnsmgr.net> Subject: Re: what is 'ICMP:3.13' ? In-Reply-To: from Henk van Oers at "Sep 21, 1999 09:40:35 am" To: hvoers@anp.nl (Henk van Oers) Date: Tue, 21 Sep 1999 09:16:21 -0700 (PDT) Cc: brian@sys.com.sg (Brian Tan), freebsd-ipfw@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL54 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > On Tue, 21 Sep 1999, Brian Tan wrote: > > > Henk van Oers wrote: > > > > > > > > > "Tried the following"? Did you know what you where doing? > > > Isn't the Cisco wrong configured? > > > > > The Cisco does have IGRP enabled. Is there any problem allowing the > > protocol packet through? or should the IGRP be disabled in the Cisco? > > I do not see the use of "private interior gateway protocol" on a public > interface, so why allow the packets. > And if the Cisco has no one to talk to, why litter the LAN? > When you "tried" the allow rule, I was thinking of why not try to disallow > it? The ipfw rules are there to enable what you need and not to let > through what you don't know. Isn't it? I would also contact the administrator responsible for that Cisco beforing doing any of the above. There may be a very good reason that IGRP is enabled. If your this is an ISP supplied unit you should contact them about it, they may be using IGRP over the WAN link to maintain your conectivity and turing it off my disconnect you. -- Rod Grimes - KD7CAX - (RWG25) rgrimes@gndrsh.dnsmgr.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message