
Re: FIREWALL STRATEGY (What do you think?)



In message <19990502204452.B283@p166>, Manel Marin writes:
> On Fri, Apr 30, 1999 at 11:10:25PM +0200, tho@thomsen.isdn.cs.tu-berlin.de wrote:
> > In message <19990429233739.B27052@lina.inka.de>, Bernd Eckenfels writes:
> > > 
> > > Actually it is MTU. And you will get ICMP Fragmentation needed (type 4) and
> > > a bunch of others. You can deny all of them, but have a look at the log and
> > > analyse the most frequent ones, will get u better performance and less
> > > "hanging" connections.
> > > 
> >  I think this is of more widespread interest and should be published not only
> > on the -firewall list. IMHO a (online, surely there are several TCP/IP books)
> > description of ICMP is missing. Neither in the NET3-HOWTO, nor in Linux'
> > Documentation I found satisfying texts (in the Firewall-HOWTO ICMP isn't even
> > mentioned, OOps!).
> > 
> >  Is there a document available on this subject? Are you, or anybody else,
> > interested in writing one? Is there a NET4-HOWTO out?
> > 
> 
> What about RFC792 ICMP PROTOCOL SPECIFICATION ? (it comes with Debian 2.0)
> 
 Yes, I totally forgot about the RFCs. RFC 792 seems to be the 
ICMP defining RFC, in /usr/src/linux/net/ipv4/icmp.c some notes are
related to RFC 1122 "Requirements for Internet Hosts -- Communication
Layers", RFC 1812 "Requirements for IP Version 4 Routers" and
RFC 950 "Internet Standard Subnetting Procedure".

But see this:
--8<--
tho@leia:tho>zgrep ICMP /usr/doc/doc-rfc/all-rfcs/rfc*.txt.gz\
|cut -f 1 -d :|uniq |wc -l
     99       
-->8--
 Do I have to read them all? Furthermore, I guess, I could do so and
still have no clue, how ICMP is related to network security.

 Well, I guess, I'll start with RFC 792 ...

Guenther
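
As an added example (not part of the original thread): a small decoder for the RFC 792 ICMP header that tallies message kinds, which is the sort of log analysis suggested in the quoted text before deciding which ICMP messages a firewall should drop. In RFC 792 "fragmentation needed and DF set" is Destination Unreachable, type 3 code 4, and RFC 1191 places the next-hop MTU in the low 16 bits of the otherwise unused header word. The names `parse_icmp`, `build`, `tally` and the sample messages are constructed for this illustration.

```python
import struct
from collections import Counter

# (type, code) -> name as in RFC 792; a code of None matches any code.
ICMP_NAMES = {
    (0, 0): "echo reply",
    (3, None): "destination unreachable",
    (3, 4): "fragmentation needed and DF set",
    (5, None): "redirect",
    (8, 0): "echo",
    (11, None): "time exceeded",
}

def inet_checksum(data: bytes) -> int:
    """One's-complement checksum over 16-bit words (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def parse_icmp(msg: bytes) -> dict:
    """Decode the 8-byte ICMP header; reject truncated or corrupt messages."""
    if len(msg) < 8:
        raise ValueError("truncated ICMP message")
    if inet_checksum(msg) != 0:  # a valid message sums to zero
        raise ValueError("bad ICMP checksum")
    icmp_type, code, _csum, rest = struct.unpack("!BBHI", msg[:8])
    name = ICMP_NAMES.get((icmp_type, code)) or ICMP_NAMES.get((icmp_type, None), "other")
    info = {"type": icmp_type, "code": code, "name": name}
    if (icmp_type, code) == (3, 4):
        info["next_hop_mtu"] = rest & 0xFFFF  # RFC 1191 field
    return info

def build(icmp_type: int, code: int, rest: int, payload: bytes = b"") -> bytes:
    """Construct a sample message with a valid checksum (test data only)."""
    body = struct.pack("!BBHI", icmp_type, code, 0, rest) + payload
    return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]

# Constructed samples, not captured traffic.
QUOTED = b"\x45" + b"\x00" * 27  # stand-in for the quoted IP header + 8 bytes
SAMPLES = [build(8, 0, 0x00010001, b"ping"), build(3, 4, 1400, QUOTED),
           build(3, 4, 1400, QUOTED), build(11, 0, 0)]

def tally(messages) -> Counter:
    """Count messages by decoded name, most useful for spotting what a filter would drop."""
    return Counter(parse_icmp(m)["name"] for m in messages)
```

A filter that drops every ICMP message also drops the type 3 code 4 replies counted here, which Path MTU Discovery depends on.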

