return-icmp() relative question to ipf rule.
jhell
jhell at DataIX.net
Sat Oct 10 02:40:18 UTC 2009
I have a rule I used in ipfilter probably around 2 or so years ago and I
am now getting around to trying to implement in it my pf rules. So far any
results I have achieved have failed with no response back from the server
and get dropped.
The rule in ipf syntax:
block return-icmp-as-dest(13) in log first quick proto icmp all icmp-type
8
The above ipf rule returns a result of "Destination Administratively
Prohibited" when ping'd
The following pf syntax:
block return-icmp(3,13) in quick inet proto icmp from any to any icmp-type
8 code 0
The above pf rule returns a result of "Nothing ........" when ping'd
Just to be sure I wasn't mucking up the chain of rules I added this as the
only rule to test it out and have achieved the same result multiple times
on a test machine.
Can anyone shed some light on the syntax and help me out with getting this
rule to make the system respond to a echo request with admin-prohib as
the destination system ?
Thanks
--
;; dataix.net!jhell 2048R/89D8547E 2009-09-30
;; BSD since FreeBSD 4.2 Linux since Slackware 2.1
;; 85EF E26B 07BB 3777 76BE B12A 9057 8789 89D8 547E
More information about the freebsd-pf
mailing list