Date: Sat, 24 May 1997 12:58:08 +1000 (EST) From: Darren Reed <darrenr@cyber.com.au> To: julian@FreeBSD.ORG (Julian Elischer) Cc: cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG, cvs-sys@FreeBSD.ORG Subject: Re: cvs commit: src/sys/netinet ip_icmp.c Message-ID: <199705240258.MAA11722@plum.cyber.com.au> In-Reply-To: <199705232217.PAA25661@freefall.freebsd.org> from "Julian Elischer" at May 23, 97 03:17:34 pm
next in thread | previous in thread | raw e-mail | index | archive | help
In some mail I received from Julian Elischer, sie wrote > > julian 1997/05/23 15:17:34 PDT > > Modified files: (Branch: WHISTLE_NET_BRANCH_1) > sys/netinet ip_icmp.c > Log: > Submitted by: archie@whistle.com > don't look for a matching receive interface if the packet was not received. > This can happen if an icmp UNREACH or similar is being generated > by firewall code. (Prior to firewall code this was not possible). This series of changes intrigues me. When I came upon this problem, I at first thought it a problem and then realised that for locally generated packets, this situation is usually handled by functions returning an error code (i.e. EHOSTUNREACH or similar) rather than there being an ICMP packet to respond to. IMHO, ipfw shouldn't send an ICMP response to a locally generated packet. Darren
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199705240258.MAA11722>