ipfw And ping
Robert Bonomi
bonomi at mail.r-bonomi.com
Fri Dec 2 04:37:35 UTC 2011
Tim Daneliuk <tundra at tundraware.com> wrote:
> To: Robert Bonomi <bonomi at mail.r-bonomi.com>
> Subject: Re: ipfw And ping
>
> On 12/01/2011 09:12 PM, Robert Bonomi wrote:
> >> From tundra at tundraware.com Thu Dec 1 20:57:55 2011
> >> Date: Thu, 01 Dec 2011 20:56:03 -0600
> >>
> >> Both.
> >
> > Then you want to allow icmp type 0, 3, 8, and 12 -- and type probably 11,
> > too -- both ways.
>
>
> Is there a reason to not use what I have already - i.e., To let all icmp
> types flow in- and out? What's the downside of doing so?
Some _can_ be used maliciously. e.g. REDIRECT
More information about the freebsd-questions
mailing list