Firewalls: Re: ICMP Codes

Firewalls
(September 1996)

Indexed By Thread: [Previous] [Next]

Subject:	Re: ICMP Codes
From:	dtosic @ delta . Tymnet . COM (Dragan Tosic)
Date:	Sun, 22 Sep 1996 23:45:20 -0700 (PDT)
To:	davem @ iss . net (David J. Meltzer)
Cc:	firewalls @ greatcircle . com
In-reply-to:	<Pine . LNX . 3 . 91 . 960920113536 . 22283B-100000 @ phoenix . iss . net> from "David J. Meltzer" at Sep 20, 96 11:49:38 am

> 
> On Fri, 20 Sep 1996, Joseph L. Moll wrote:
> > Does anyone know what ICMP code 3 (Destination Unreachable) subcode 13 is?
> > Has RFC1700 been updated?  It does not list this subcode.
> > 
> 
> "Communication administratively prohibited".  Stevens v1 describes this
> as being ignored, but the actual 4.4BSD lite kernel handles this as a 
> no route to host.  I would assume some filtering routers and firewalls 
> generate this in response to an attempt to connect to a port that is being
> blocked.
Hi there,
actually ,good ole Cisco router turns this message, if you are trying
to send a packet thru the ACL (aka Access Control List ;-)
Actually , if you are  using Cisco "trace " ( similar to traceroute)
this will give you : !A ==> "administratevely prohibited"
Hope this helps
D.B.Tosic Frankfurt/Germany
> 
> Dave
> 
> --------------------------------+---------------------
>        David J. Meltzer         | Email: davem @
 iss .
 net 
>        Systems Engineer         |   Web:   www.iss.net 
> Internet Security Systems, Inc. |   Fax: (770)395-1972
> 
>

References:

Re: ICMP Codes
From: "David J. Meltzer" <davem @ iss . net>

Indexed By Date	Previous:	Re: Attention NT-based firewall vendors From: Dale Lancaster <dlancaster @ raptor . com>
Indexed By Date	Next:	HELP on PC security soft. From: indy @ aero . gla . ac . uk (Inderjit S Gabrie)
Indexed By Thread	Previous:	Re: ICMP Codes From: "David J. Meltzer" <davem @ iss . net>
Indexed By Thread	Next:	FW: ICMP Codes From: Chris Kostick <ckostick @ csc . com>