Le vendredi 11 février 2005 à 10:49 -0500, Jason Opperisano a écrit : > in theory--they are RELATED. in practice, i allow them explicitly. > looking at one of my firewalls, it appears as though there are ICMP Type > 3 packets that get past the RELATED rule and hit the explicit allow rule, Did you have a look at one of them, just to see if it's a legitimate one ? I have experienced some troubles with DNS and port unreachable on very slow links, but that was quite unusual. -- http://sid.rstack.org/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread!
