ICMP packets can be filtered by an ICMP message type name or ICMP message
type and code name:
access-list 102 permit icmp any any echo
access-list 102 permit icmp any any echo-reply
It's in the documentation. ;-)
At 12:00 PM 7/30/96 +0100, Michel Lavondes wrote:
>In message <2 .
nz>, Steve Lang writes:
>> I have been monitoring this list for a while now, and have a question
>> with regards to ICMP, and the protection from them.
>> I am searching for information about protecting a network from
>> spurious icmp's, with specific reference to cisco access lists.
>> There is likely to be several references available, but I have
>> yet to find them. Any pointers to more information would be
>AFAIR, blocking (or letting through) all ICMPs from a given source
>to a given destination has been around for a long time (since 9.1 ?).
>I think that blocking specific ICMP types came out with either 10.3 or
>For further info, ask cisco @
edu or look at :
>Michel Lavondes (lavondes @
>Governments are guilty until proved innocent
Paul Ferguson || ||
Consulting Engineering || ||
Reston, Virginia USA |||| ||||
tel: +1.703.716.9538 ..:||||||:..:||||||:..
e-mail: pferguso @
com c i s c o S y s t e m s