Re: FIREWALL STRATEGY (What do you think?)

To: Bernd Eckenfels <lists@lina.inka.de>
Cc: Debian Firewall <debian-firewall@lists.debian.org>
Subject: Re: FIREWALL STRATEGY (What do you think?)
From: tho@thomsen.isdn.cs.tu-berlin.de
Date: Fri, 30 Apr 1999 23:10:25 +0200
Message-id: <[🔎] 199904302110.XAA03468@buntje.ballum>
Reply-to: thomsen@cs.tu-berlin.de
In-reply-to: Your message of "Thu, 29 Apr 1999 23:37:39 +0200." <[🔎] 19990429233739.B27052@lina.inka.de>

In message <[🔎] 19990429233739.B27052@lina.inka.de>, Bernd Eckenfels writes:
> 
> Actually it is MTU. And you will get ICMP Fragmentation needed (type 4) and
> a bunch of others. You can deny all of them, but have a look at the log and
> analyse the most frequent ones, will get u better performance and lass
> "hanging" connections.
> 
 I think this is of more widespread interest and should be published not only
on the -firewall list. IMHO a (online, surely there are several TCP/IP books) 
description of ICMP is missing. Neither in the NET3-HOWTO, nor in Linux'
Doumentation I found satisfying texts (in the Firewall-HOWTO ICMP isn't even
mentioned, OOps!).

 Is there a document available on this subject? Are you, or anybody else,
interested in writing one? Is there a NET4-HOWTO out?

Guenther

Reply to:

References:
- Re: FIREWALL STRATEGY (What do you think?)
  - From: Bernd Eckenfels <lists@lina.inka.de>

Prev by Date: Re: FIREWALL STRATEGY (What do you think?)
Next by Date: Re: FIREWALL STRATEGY (What do you think?)
Previous by thread: Re: FIREWALL STRATEGY (What do you think?)
Next by thread: Re: FIREWALL STRATEGY (What do you think?)
Index(es):
- Date
- Thread