Linux, FreeBSD, Juniper, Cisco / Network security articles and troubleshooting guides

FAQ

It is currently Fri Dec 01, 2023 2:45 am

ROOT ‹ FreeBSD, Linux and AIX ‹ TCP/IP Networking ‹ FreeBSD PF supported icmp types

Internet Protocol, Transport Control Protocol, Network protocols, Routing, Routers, IP aliases, Routes, Ethernet

Post a reply

1 post • Page 1 of 1

FreeBSD PF supported icmp types

« Previous topic | Next topic »

Author

Message

admin

Post subject: FreeBSD PF supported icmp types | Posted: Fri Jan 28, 2011 9:15 am

Site Admin

Joined: Mon Aug 03, 2009 8:43 am
Posts: 104

FreeBSD PF supported icmp types

Here are the ICMP types supported by FreeBSD / OpenBSD PF firewall:

Here is the pf.conf syntax for allowing icmp packets:

Code:

icmp_types="{ echoreq, unreach}"
pass in log on $ext_if1 inet proto icmp from any to $dmz_net icmp-type $icmp_types keep state #queue icmp

And below is a list of supported icmp types:

Quote:

"net-unr",
"host-unr",
"proto-unr",
"port-unr",
"needfrag",
"srcfail",
"net-unk",
"host-unk",
"isolate",
"net-prohib",
"host-prohib",
"net-tos",
"host-tos",
"filter-prohib",
"host-preced",
"cutoff-preced",
"redir-net",
"redir-host",
"redir-tos-net",
"redir-tos-host",
"normal-adv",
"common-adv",
"transit",
"reassemb",
"badhead",
"optmiss",
"badlen",
"unknown-ind",
"auth-fail",
"decrypt-fail",

They can be found in pfctl source files: /usr/src/contrib/pf/pfctl/pfctl_parser.c

_________________
VPSie - SSD VPS servers in AMS-IX, LINX, DE-CIX
https://vpsie.com

			Tweet
Follow @IvordeCom

You might also be interested in:
icmp port unreachable error message. icmp port unreachable error message. How to block ping icmp echo requests without a firewall in Linux. FreeBSD - multiple routing tables. FreeBSD: How to list IPv6 neighbors. FreeBSD show network interface statistics. Set up FTP PROXY via command line in Linux/FreeBSD. FreeBSD tcpdump on enc0 doesn't show any traffic. FreeBSD - Adding VLAN Tagged subinterface using ifconfig. FreeBSD list interface multicast group membership.

Top

Post a reply

1 post • Page 1 of 1

Topics		Author	Replies	Views	Last post
Topics related to - "FreeBSD PF supported icmp types"
	icmp port unreachable error message	gajjj	0	2157	Mon Jul 08, 2013 5:43 am gajjj
	icmp port unreachable error message	gajjj	4	4182	Mon Jul 15, 2013 11:10 am gajjj
	How to block ping icmp echo requests without a firewall in Linux	debuser	0	2776	Mon Nov 26, 2012 9:46 am debuser
	FreeBSD - multiple routing tables	mandrei99	0	10463	Wed Aug 28, 2013 8:40 am mandrei99
	FreeBSD: How to list IPv6 neighbors	mandrei99	0	6066	Mon Oct 06, 2014 10:00 am mandrei99
	FreeBSD show network interface statistics	mandrei99	0	5688	Wed Sep 25, 2013 9:30 am mandrei99
	Set up FTP PROXY via command line in Linux/FreeBSD	mandrei99	0	22857	Tue Jan 20, 2015 5:01 pm mandrei99
	FreeBSD tcpdump on enc0 doesn't show any traffic	mandrei99	0	3760	Fri Jun 21, 2013 8:54 am mandrei99
	FreeBSD - Adding VLAN Tagged subinterface using ifconfig	admin	0	11132	Mon Aug 19, 2013 10:44 am admin
	FreeBSD list interface multicast group membership	mandrei99	0	4655	Tue Dec 03, 2013 9:02 am mandrei99

Who is online

Users browsing this forum: No registered users and 0 guests

You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Jump to:

Channel list

ROOT ‹ FreeBSD, Linux and AIX ‹ TCP/IP Networking

Delete all board cookies | The team | All times are UTC - 5 hours [ DST ]