The answer lies within RFC 1122 which states "that an ICMP error message should not be sent as the result of receiving another ICMP error message." However, An ICMP message can be sent in response to an ICMP query message, which is what an echo request is, and is the source of the question that started this thread. -----Original Message----- From: netfilter-admin@xxxxxxxxxxxxxxxxxxx [mailto:netfilter-admin@xxxxxxxxxxxxxxxxxxx] On Behalf Of Kiran Kumar Sent: Tuesday, February 03, 2004 5:24 AM To: Netfilter Mailing List Subject: Re: ICMP Rule Problem --- Antony Stone <Antony@xxxxxxxxxxxxxxxxxxxx> wrote: > Never mind that, you're not allowed to respond to ICMP packets with > ICMP errors. > > See RFC792 page 1. Wrong. You are not allowed to respond to ICMP _errors_ with ICMP errors, what else does ping mean by giving error messages like "Destination Host Unreachable" ?. ===== Regards, Kiran Kumar Immidi __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free web site building tool. Try it! http://webhosting.yahoo.com/ps/sb/
