On Wed, 30 Mar 2005 22:18:24 +0200 (CEST) Michael Van Canneyt <[EMAIL PROTECTED]> wrote:
> > > On Wed, 30 Mar 2005, Micha Nelissen wrote: > > > Yes, any sensible sysadmin ought to know that ICMP fragment error > > packets (type 3, code 4?) should always be allowed. > > Can you please translate this to plain english ? ICMP packets are used to designate certain errors in network flow. If you block all ICMP packets then you take away the error reporting capability. Linux firewall should have something like: iptables -A INPUT -p icmp --icmp-type fragmentation-needed -j ACCEPT Micha _______________________________________________ fpc-devel maillist - [email protected] http://lists.freepascal.org/mailman/listinfo/fpc-devel
