On 2007/04/04 18:03, Joseph Lappa wrote: > I would like to have icmp host-unreachable and fragmentation- > needed in the icmp type that is returned.
your description is a little unclear here; are you trying to alter the returned messages when a packet is blocked? (you actually want 'block return xxx' for that, where xxx is the icmp message-type to return) or are you making sure PMTU detection works? (it should already if you use stateful rules; ICMP messages relating to a particular connection are passed as part of the state for that connection). or do you have a particular problem you're trying to fix? (in which case describing the problem will be useful) > pf.conf:42: unknown icmp-type host-unr The textual names you can use are listed in icmp(4). hth..
