Author: jorge
Date: 10-08-01 17:59
Hey man, what an article, but I can't get the ICMP rules in the ipf set up.
Can you talk a little bit more about
# Return errors for icmp and udp
#
block return-icmp-as-dest(port-unr) in log on ext0 proto udp all
block return-icmp-as-dest(port-unr) in log on ext0 proto icmp all
#
What does that do?
:)
Great article, however.
Author: Dan Langille
Date: 10-08-01 20:29
I didn't write the article, but you asked a very general question. It helps us to help you if you are even just a bit specific.
I'm going to guess that you are asking about the return-icmp-as-dest(port-unr) bit. And I'm going to guess myself what that means. I've not looked it up. I'll leave that for you to do. I'm sure a google.com search will find the answer. Instead of just dropping the packets on the ground, ipf will return port unreachable to the sending IP address.
Author: Leon Dang
Date: 16-08-01 15:01
Thanks Dan for answering this for me.
jorge,
It's a mechanism to tell automated worm scripts to butt out and stop scanning those ports, since *they don't exist* to the internet.
As for your ICMP problems, if you state exactly what errors you're getting, then it'll help a lot. Also, the guys on FreeBSD Usenet are very helpful if you don't get an answer here straight away. My only conclusion is that you might have copied and pasted the rules incorrectly...
Leon
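What a sender gets back when the `block return-icmp-as-dest(port-unr)` UDP rule quoted above fires, as an added example that is not part of the thread or the article: Python that builds the ICMP type 3, code 3 reply for a constructed probe, once sourced from the firewall and once "as dest". The addresses, the helper names and the RFC 792 quote length (IP header plus 8 bytes) are assumptions; per the IPFilter documentation, the as-dest form sources the reply from the probe's original destination instead of the firewall's own address.

```python
import socket
import struct

def inet_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum (one's-complement sum of 16-bit words)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_header(src: str, dst: str, proto: int, payload_len: int) -> bytes:
    """20-byte IPv4 header, no options, TTL 64, checksum filled in."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + payload_len, 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", inet_checksum(hdr)) + hdr[12:]

def port_unreachable(offending: bytes, firewall_ip: str, as_dest: bool) -> bytes:
    """Build the ICMP port-unreachable reply to a blocked IPv4 packet."""
    ihl = (offending[0] & 0x0F) * 4
    sender, target = offending[12:16], offending[16:20]
    quoted = offending[:ihl + 8]        # offending IP header + first 8 bytes
    icmp = struct.pack("!BBHI", 3, 3, 0, 0) + quoted   # type 3, code 3
    icmp = icmp[:2] + struct.pack("!H", inet_checksum(icmp)) + icmp[4:]
    # as_dest: the reply appears to come from the host that was probed
    src = socket.inet_ntoa(target) if as_dest else firewall_ip
    return ipv4_header(src, socket.inet_ntoa(sender), 1, len(icmp)) + icmp

def describe(reply: bytes) -> dict:
    """Decode the fields a sender (or a packet capture) would look at."""
    return {"src": socket.inet_ntoa(reply[12:16]),
            "dst": socket.inet_ntoa(reply[16:20]),
            "type": reply[20], "code": reply[21],
            "quoted_dport": struct.unpack("!H", reply[50:52])[0]}

# Constructed sample: a UDP probe to port 137 on a host behind the firewall.
udp = struct.pack("!HHHH", 40000, 137, 8, 0)
PROBE = ipv4_header("198.51.100.7", "203.0.113.20", 17, len(udp)) + udp
FIREWALL = "203.0.113.1"   # assumed address of the filtering host

if __name__ == "__main__":
    for as_dest in (False, True):
        print(as_dest, describe(port_unreachable(PROBE, FIREWALL, as_dest)))
```

With `as_dest=True` the reply looks like the one a host with nothing listening on the port would send itself, which is what the sender's stack reports as a closed port.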