Wade Preston Shearer wrote: > I appears that Stuart's is a better way to allow all the packets > through and Mr. Ritter's limits it to just icmp packets. Will I really > be okay only allowing those packets through? icmp packets are errors, > right? And since we are trying to limit returning packets, that should > be sufficient?
Yes, you should always allow rate-limited ICMP packets of type 8. Otherwise, in my opinion, you break basic internet functionality. This propensity of large organizations like BYU or Microsoft to drop packets instead of returning PING messages is a disease. /* PLUG: http://plug.org, #utah on irc.freenode.net Unsubscribe: http://plug.org/mailman/options/plug Don't fear the penguin. */
