1 |
hi, |
2 |
|
3 |
you're mixing up icmp and ping. ping is not the same as icmp. maybe you |
4 |
don't really need everyone to be able to ping, but you need at least |
5 |
some icmp for tcp/ip to function correctly. for example you should |
6 |
*never* drop destination-unreachable icmp packets. |
7 |
|
8 |
recommending people to improve their security by "disabling icmp type 0 |
9 |
in the firewall" is WRONG. |
10 |
|
11 |
you should correct this in |
12 |
http://www.gentoo.org/doc/gentoo-security.html before too many people |
13 |
have misconfigured their firewalls. |
14 |
|
15 |
best regards, |
16 |
|
17 |
hanus adler |
18 |
|
19 |
-- |
20 |
One Unix to rule them all, One Resolver to find them, |
21 |
One IP to bring them all and in the zone to bind them. |