Mailinglist Archive: opensuse-security (636 mails)

< Previous Next >
Re: [suse-security] ICMP filter in SuSEfirewall? (again)
  • From: dproc@xxxxxxx
  • Date: Sat, 3 Feb 2001 09:38:48 -0500
  • Message-id: <20010203093848.A13173@xxxxxxxxxxxxxxx>
On Tue, 23 Jan 2001, Rick Green wrote:

> On Tue, 23 Jan 2001, dprocc wrote:
>
> > Are these the definitions you mean?
> > #define ICMP_ECHOREPLY 0 /* Echo Reply */
> > #define ICMP_DEST_UNREACH 3 /* Destination Unreachable */
> > #define ICMP_SOURCE_QUENCH 4 /* Source Quench */
> > #define ICMP_REDIRECT 5 /* Redirect (change route) */
> > #define ICMP_ECHO 8 /* Echo Request */
> >
> > and so forth
> >
> > I took this from the kernel source tree in:
> > /usr/data/src/linux-2.2.13.SuSE/include/net/icmp.h
>
> I've got a good description of the basic ICMP types in Ziegler's book
> "Linux Firewalls", but I haven't found a definition of the message
> sub-types.

The sub-types (aka codes ?) were listed in the same C
header, but I errantly posted the wrong path. Look at

/usr/data/src/linux-2.2.13.SuSE/include/linux/icmp.h

to find

/* Codes for UNREACH. */
#define ICMP_NET_UNREACH 0 /* Network Unreachable */
#define ICMP_HOST_UNREACH 1 /* Host Unreachable */
#define ICMP_PROT_UNREACH 2 /* Protocol Unreachable */

and so on. Now you can compare the kernel implementation to
the RFCs definitions if you have the inclination.

dproc


< Previous Next >
This Thread
  • No further messages