Firewalls: Re: Sending replies to blocked packets.

Firewalls
(July 1995)

Indexed By Thread: [Previous] [Next]

Subject:	Re: Sending replies to blocked packets.
From:	smb @ research . att . com
Date:	Fri, 07 Jul 95 16:54:59 EDT
To:	Ted Doty <ted @ kgbvax . network . com>
Cc:	tli @ cisco . com, avalon @ coombs . anu . edu . au, Firewalls @ greatcircle . com

	 On Fri, 7 Jul 1995 02:32:08, Tony Li <tli @
 cisco .
 com> wrote:
	 	
	 Code 10, for all you geeks.  Myy understanding is that this has been
	 out there for a number of years.

Yup.  But some implementations -- for example, SunOS 4.1.1 -- will ignore
ICMP Unreachable messages with ``unknown'' subcodes.  Specifically, it
ignores any messages if that field is greater 5...  (It's not Sun's
fault, of course; they inherited that code from 4.2bsd.  And 4.4bsd, or
at least BSD/OS, hasn't gotten any better; it *still* rejects unknown
subcodes, though it has a larger set of known ones, including 10.)

Indexed By Date	Previous:	FAQ From: Peter Wages <pwages @ vse . net>
Indexed By Date	Next:	Re: SunScreen + Fragmented packets From: mulligan @ future . incog . com
Indexed By Thread	Previous:	Re: Sending replies to blocked packets. From: Tony Li <tli @ cisco . com>
Indexed By Thread	Next:	Re[2]: Sending replies to blocked packets. From: brian @ ilinx . ilinx . com (Brian J. Murrell)