Great Circle Associates Firewalls
(June 1994) 		 
Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]
Subject: Livingston routers & ICMP filtering
From: Justin Mason <jmason @ iona . ie>
Date: Fri, 03 Jun 1994 13:37:55 +0100
To: firewalls @ greatcircle . com 
Apparently, Livingston routers *can* filter based on
ICMP message type. Good news! Here's how....

>permit icmp src eq 0

>to allow ping responses or

>deny icmp src eq 5

>to deny ICMP Redirects.

ie. the ICMP message type is mapped onto the "src port"
filter. This isn't documented in my copy of the IRX User's
Manual (v1.7), and I haven't been able to test it yet, but it's
accepted as valid syntax for my revision of ComOS (1.8R).
 
Anyway, kudos to Livingston for a pretty prompt update, and
for monitoring the firewalls list!

-- 
Justin Mason                                         I do not speak for Iona.

<jmason @
 iona .
 ie>, with a hyplan at: http://www.iona.ie/www/hyplan/jmason.html
Indexed By Date Previous: Re: Application Firewall
From: Frederick M Avolio <avolio @ tis . com>
Next: Re: Cisco software update?
From: paul @ hawksbill . sprintmrn . com (Paul Ferguson)
Indexed By Thread Previous: Re: trusting NNTP/archie, etc servers --
From: Christian Wettergren <cwe @ it . kth . se>
Next: incoming/outgoing packet filtering (Cisco screening)
From: MICHAEL NITTMANN <NITTMANN @ UWLAX . EDU>
Google
 
Search Internet Search www.greatcircle.com