Re: FIREWALL STRATEGY (What do you think?)

To: thomsen@cs.tu-berlin.de
Cc: Bernd Eckenfels <lists@lina.inka.de>, Debian Firewall <debian-firewall@lists.debian.org>
Subject: Re: FIREWALL STRATEGY (What do you think?)
From: Martin Schulze <joey@finlandia.Infodrom.North.DE>
Date: Sun, 2 May 1999 03:28:38 +0200
Message-id: <[🔎] 19990502032838.A14347@finlandia.infodrom.north.de>
Reply-to: Martin Schulze <joey@infodrom.north.de>
In-reply-to: <199904302110.XAA03468@buntje.ballum>; from tho@thomsen.isdn.cs.tu-berlin.de on Fri, Apr 30, 1999 at 11:10:25PM +0200
References: <19990429233739.B27052@lina.inka.de> <199904302110.XAA03468@buntje.ballum>

tho@thomsen.isdn.cs.tu-berlin.de wrote:
> In message <19990429233739.B27052@lina.inka.de>, Bernd Eckenfels writes:
> > 
> > Actually it is MTU. And you will get ICMP Fragmentation needed (type 4) and
> > a bunch of others. You can deny all of them, but have a look at the log and
> > analyse the most frequent ones, will get u better performance and lass
> > "hanging" connections.
> > 
>  I think this is of more widespread interest and should be published not only
> on the -firewall list. IMHO a (online, surely there are several TCP/IP books) 
> description of ICMP is missing. Neither in the NET3-HOWTO, nor in Linux'
> Doumentation I found satisfying texts (in the Firewall-HOWTO ICMP isn't even
> mentioned, OOps!).

Please submit a proper chapter.  Even a bad formulated one would be better
than nothing, so please go ahead.

Regards,

	Joey

-- 
A mathematician is a machine for converting coffee into theorems.

Please always Cc to me when replying to me on the lists.

Reply to:

Follow-Ups:
- Re: FIREWALL STRATEGY (What do you think?)
  - From: tho@thomsen.isdn.cs.tu-berlin.de

Next by Date: Re: IP fw-in deny (?)
Next by thread: Re: FIREWALL STRATEGY (What do you think?)
Index(es):
- Date
- Thread