IPFW and icmp

看板FB_security作者時間21年前 (2004/09/02 11:24), 編輯推噓0(000)
留言0則, 0人參與, 最新討論串1/5 (看更多)
I'm not a master of the internet RFCs, but I do believe icmp messages have different types. Now to enable traceroute for IPFW, I might put in a rule like this: ipfw add pass icmp from any to me However, how would I make a rule to limit icmp messages to just those used by traceroute? Can the messages be distinguished as such? A dynamic rule that exists only for the duration of a traceroute execution would be even better. I take it 'setup' or 'check-state' would follow in that case? _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
更多 mudman. 的文章
文章代碼(AID): #11Df9W00 (FB_security)
更多 mudman. 的文章
文章代碼(AID): #11Df9W00 (FB_security)