Re: FIREWALL STRATEGY (What do you think?)

To: thomsen@cs.tu-berlin.de, Debian Firewall <debian-firewall@lists.debian.org>
Subject: Re: FIREWALL STRATEGY (What do you think?)
From: Manel Marin <uni00771@pc-internet.com>
Date: Sun, 2 May 1999 20:44:52 +0200
Message-id: <[🔎] 19990502204452.B283@p166>
In-reply-to: <199904302110.XAA03468@buntje.ballum>; from tho@thomsen.isdn.cs.tu-berlin.de on Fri, Apr 30, 1999 at 11:10:25PM +0200
References: <19990429233739.B27052@lina.inka.de> <199904302110.XAA03468@buntje.ballum>

On Fri, Apr 30, 1999 at 11:10:25PM +0200, tho@thomsen.isdn.cs.tu-berlin.de wrote:
> In message <19990429233739.B27052@lina.inka.de>, Bernd Eckenfels writes:
> > 
> > Actually it is MTU. And you will get ICMP Fragmentation needed (type 4) and
> > a bunch of others. You can deny all of them, but have a look at the log and
> > analyse the most frequent ones, will get u better performance and lass
> > "hanging" connections.
> > 
>  I think this is of more widespread interest and should be published not only
> on the -firewall list. IMHO a (online, surely there are several TCP/IP books) 
> description of ICMP is missing. Neither in the NET3-HOWTO, nor in Linux'
> Doumentation I found satisfying texts (in the Firewall-HOWTO ICMP isn't even
> mentioned, OOps!).
> 
>  Is there a document available on this subject? Are you, or anybody else,
> interested in writing one? Is there a NET4-HOWTO out?
> 

What about RFC792 ICMP PROTOCOL SPECIFICATION ? (it comes with Debian 2.0)

Best regards,
-- 
--------------------------------
Manel Marin   e-mail: uni00771@pc-internet.com
Linux Powered (Debian 2.0)
--------------------------------

Reply to:

Follow-Ups:
- Re: FIREWALL STRATEGY (What do you think?)
  - From: Guenther Thomsen <tho@thomsen.isdn.cs.tu-berlin.de>

Prev by Date: And what about denying UDP?
Next by Date: Re: other services on a firewall
Previous by thread: Re: FIREWALL STRATEGY (What do you think?)
Next by thread: Re: FIREWALL STRATEGY (What do you think?)
Index(es):
- Date
- Thread