Date: Fri, 6 Sep 1996 17:08:37 +0200 (IST) From: Nadav Eiron <nadav@barcode.co.il> To: Hal Snyder <hal@post.vale.com> Cc: Hal Snyder <hal@post.vale.com>, "'Nash, Alex'" <nash@mcs.com>, "'questions@freebsd.org'" <questions@freebsd.org> Subject: RE: catching a ping/ipfw/ipfilter Message-ID: <Pine.BSF.3.91.960906170730.29041B-100000@gatekeeper.barcode.co.il> In-Reply-To: <01BB9BD3.B49048A0@jaguar>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 6 Sep 1996, Hal Snyder wrote:
> Nadav Eiron wrote:
>
> > > For syslogging, you could enable IPFIREWALL and use the likes of
> > > ipfw add accept log icmp from any to ${my_ip} icmptypes 0,8
>
> > Better than ipfw, you can use IPfilter (I think it's in the ports, and if
> > not, you can use the standard version, it has instructions for compiling
> > on FreeBSD, at least for 2.1.0). Unlike ipfw it knows about ICMP types so
> > you can log/block just ICMP echos.
>
> That's precisely what the *icmptypes* arg is for in the ipfw line above.
>
> Haven't used ipfilter - though I noticed a lengthy thread a few weeks ago
> about ipfilter vs. ipfw. It turned into yet another holy war toward the end.
>
> I know that ipfw is significantly improved in 2.1.5 over the 2.1.0 version,
Well, then that's probably it. I'm running 2.1.0 on my firewall, and the
docs specifically mention that ipfw cannot filter on ICMP types, so I use
IPfilter.
> including allowing rules applicable to selected ICMP packet types. I use it
> because I know how to get it to work for me, and am quite happy with the
> results.
>
>
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.91.960906170730.29041B-100000>