5 "Advanced" networking questions
Terry Lambert
tlambert2 at mindspring.com
Tue Jul 8 04:18:19 PDT 2003
Socketd wrote:
> > I guess you want to do this so that you can break path MTU
> > discovery and fail to properly exchange packets with the DF
> > bit set in the headers, and which don't take into account
> > intermediate links with smaller MTUs, like VPNs or PPPOE
> > links?
> >
> > What exactly are you getting from disabling ICMP, besides a
> > broken network connection to some systems you may wish to be
> > able to exchange packets with?
>
> I don't want to disable ICMP, just don't want to respond when ttl=0,
> meaning when my firewall/gateway is on a "traceroute path".
You should specifically modify the ICMP code to not respond
to echo datagrams, or when ttl == 0, then, and work it that
way. In other words, it's time to hack your network stack
to specifically add that "feature".
-- Terry
More information about the freebsd-hackers
mailing list