Date: 22 Jun 1999 14:17:20 +0200 From: Dag-Erling Smorgrav <des@flood.ping.uio.no> To: Dean <dean@thegrid.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: ip firewall and icmp/dos. Message-ID: <xzpyahcjupb.fsf@flood.ping.uio.no> In-Reply-To: Dean's message of "Mon, 21 Jun 1999 22:35:39 -0700" References: <376E9ECA.F30CC3FC@telebot.net> <4.1.19990621221636.0091fac0@mail.thegrid.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Dean <dean@thegrid.net> writes: > allow icmp from any to any in icmptype 0,3,4,11,12,14,16 4,12,14,16 are unnecessary. You only need 0,3,11 (and 8 if you're not afraid of being ping-flooded - see ICMP_BANDLIM). I use: pass icmp from any to any icmptype 0,3,8,11 DES -- Dag-Erling Smorgrav - des@flood.ping.uio.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzpyahcjupb.fsf>