Re: FIREWALL STRATEGY (What do you think?)
In message <[🔎] 19990429233739.B27052@lina.inka.de>, Bernd Eckenfels writes:
>
> Actually it is MTU. And you will get ICMP Fragmentation needed (type 4) and
> a bunch of others. You can deny all of them, but have a look at the log and
> analyse the most frequent ones, will get u better performance and lass
> "hanging" connections.
>
I think this is of more widespread interest and should be published not only
on the -firewall list. IMHO a (online, surely there are several TCP/IP books)
description of ICMP is missing. Neither in the NET3-HOWTO, nor in Linux'
Doumentation I found satisfying texts (in the Firewall-HOWTO ICMP isn't even
mentioned, OOps!).
Is there a document available on this subject? Are you, or anybody else,
interested in writing one? Is there a NET4-HOWTO out?
Guenther
Reply to: