Tom's Hardware > Forum > General Networking > Firewall > ICMP Firewall Rules

ICMP Firewall Rules

Forum General Networking : Firewall - ICMP Firewall Rules

Tom's Hardware: Over 1.4 million members in 6 different countries available to answer all your high-tech questions. Sign up now! Its free!
Ask the community Add a reply
Word :    Username :           
 
casey   05-06-2004 at 05:24:47 AM

Archived from groups: comp.security.firewalls (More info?)

 

I have always been uncertain how to set firewall rules for ICMP.
Sure could use some help. Which of the following should be:
(1) allowed incoming (2) allowed outgoing (3) allowed both
incoming and outgoing.
ICMP 0 echo reply
ICMP 8 echo request
ICMP 3 destination unreachable
ICMP 10 router solicitation
ICMP 11 time exceeded for datagram

Are there any others that should be added to the list?
Thanks
casey

Add a reply
Sponsored Links
Register or log in to remove.
Anonymous   05-06-2004 at 05:24:48 AM
- 0 +

Archived from groups: comp.security.firewalls (More info?)

 

In article <MPG.1b033383852cd9af98971f@news.west.earthlink.net>,
casey@nosuch.net says...
>
> I have always been uncertain how to set firewall rules for ICMP.
> Sure could use some help. Which of the following should be:
> (1) allowed incoming (2) allowed outgoing (3) allowed both
> incoming and outgoing.
> ICMP 0 echo reply
> ICMP 8 echo request
> ICMP 3 destination unreachable
> ICMP 10 router solicitation
> ICMP 11 time exceeded for datagram
>
> Are there any others that should be added to the list?
> Thanks
> casey
>
Generally all you need to do is Allow 0, 11 In. And 8 Out. Some people
also allow 3 In/Out but there seems to be alot of disagreement on this.
I currently deny 3 in both directions. That could be wrong though...
--
Kerodo

Reply to Anonymous
Anonymous   05-06-2004 at 06:02:13 AM
- 0 +

Archived from groups: comp.security.firewalls (More info?)

 

On Wed, 5 May 2004 16:43:20 -0700, Kerodo
<kerodo~nospam~kenny@hotmail.com> wrote:

>In article <MPG.1b033383852cd9af98971f@news.west.earthlink.net>,
>casey@nosuch.net says...
>>
>> I have always been uncertain how to set firewall rules for ICMP.
>> Sure could use some help. Which of the following should be:
>> (1) allowed incoming (2) allowed outgoing (3) allowed both
>> incoming and outgoing.
>> ICMP 0 echo reply
>> ICMP 8 echo request
>> ICMP 3 destination unreachable
>> ICMP 10 router solicitation
>> ICMP 11 time exceeded for datagram
>>
>> Are there any others that should be added to the list?
>> Thanks
>> casey
>>
>Generally all you need to do is Allow 0, 11 In. And 8 Out. Some people
>also allow 3 In/Out but there seems to be alot of disagreement on this.
>I currently deny 3 in both directions. That could be wrong though...


I may be wrong too ... but I found I had more ping traffic by allowing
3 out ...

Reply to Anonymous
Ask the community Add a reply
Tom's Hardware > Forum > General Networking > Firewall > ICMP Firewall Rules
Go to:

There are 765 identified and unidentified users. To see the list of identified users, Click here.

Forum map
Bestofmedia Forum ©
2000-2009 Bestofmedia Group
Page generated in 0.219 seconds
Please mind

You are about to answer a thread that has been inactive for more than 6 months.
If you still wish to proceed, please ensure that your posting is original and does not duplicate or overlap any prior responses to this thread.

Add a reply Cancel
Sponsored links
  • Ask the community now
  • Publish
Ad
Related Topics
See all relatives topics
They won a badge
Join us in greeting them
How do I win badges?