[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: ICMP and IPfilter

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: ICMP and IPfilter
From: Han <han_(_at_)_mijncomputer_(_dot_)_nl>
Date: Fri, 5 Oct 2001 20:35:07 +0200
Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org

Clay Dillard (clay_(_at_)_454homenet_(_dot_)_tzo_(_dot_)_com) wrote:
> Can someone please help me to get icmp (like traceroute and ping) to work

These are my icmp rules:

# icmp rules
# http://www.shmoo.com/mail/firewalls/jan01/msg00015.shtml

# Echo reply
pass in quick on ne3 proto icmp from any to yourip/32 icmp-type  0 keep state

# Destination unreachable
pass in quick on ne3 proto icmp from any to yourip/32 icmp-type  3 keep state

# Source Quench
pass in quick on ne3 proto icmp from any to yourip/32 icmp-type  4 keep state

# Echo
pass in quick on ne3 proto icmp from any to yourip/32 icmp-type  8 keep state

# Time exeeded
pass in quick on ne3 proto icmp from any to yourip/32 icmp-type 11 keep state

# Parameter Problem
pass in quick on ne3 proto icmp from any to yourip/32 icmp-type 12 keep state

And these are my ipnat rules:
# startcommand : /sbin/ipnat -CF -f /etc/ipnat.rules ; ipf -y

map ne3 192.168.1.0/24 -> ne3/32 portmap tcp/udp 10000:20000
map ne3 192.168.1.0/24 -> ne3/32


Cya, Han.

Prev by Date: Re: booting problem w/ OpenBSD 2.9
Next by Date: FA411 (pcmcia)
Previous by thread: Splash screen support
Next by thread: Re: ICMP and IPfilter
Index(es):
- Date
- Thread

Visit your host, monkey.org