Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: "gentoo-security@..." <gentoo-security@g.o>
From: Frank Gruellich <frank@...>
Subject: Re: firewall suggestions?
Date: Fri, 9 Jan 2004 03:27:12 +0100
* Andy Smith <andy@...>  9. Jan 04
> On Thu, Jan 08, 2004 at 05:55:26PM +0100, Frank Gruellich wrote:
> > * Troy Farrell <troy@...>  8. Jan 04
> > > Chain allow-icmp-traffic (2 references)
> > > REJECT     icmp --  anywhere             anywhere
> > The default answer of REJECT ist port unreachable.  I always wondered,
> > if this is a good way to answer to a question in a protocol with no
> > ports.  Shouldn't you answer with ICMP protocol unreachable maybe?
> I thought that ICMP should never be answered with ICMP?  So the
> correct action would be DROP in this case.

Oh, come on, echo request isn't answered with echo reply anymore?
Please think, then post.  ICMP errors are not answerd, that's right so
far.

 Regards, Frank.
-- 
Sigmentation fault

--
gentoo-security@g.o mailing list

Replies:
Re: firewall suggestions?
-- Andy Smith
References:
RE: firewall suggestions?
-- MA
Re: firewall suggestions?
-- Oliver Schad
Re: firewall suggestions?
-- Ryan Voots
Re: firewall suggestions?
-- Troy Farrell
Re: firewall suggestions?
-- Frank Gruellich
Re: firewall suggestions?
-- Andy Smith
Navigation:
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: firewall suggestions?
Next by thread:
Re: firewall suggestions?
Previous by date:
Re: firewall suggestions?
Next by date:
Re: firewall suggestions?


Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.