Pascal Hambourg a écrit :
ICMP error messages (destination unreachable, TTL exceeded,
fragmentation needed...) are in the RELATED state. So you need RELATED
if you don't want to break ICMP error signalling and mechanisms which
rely on it such as Path MTU Detection (PMTUD).
Oops, s/Detection/Discovery/
Note that ICMP error signalling is a mandatory part of IP operation, and
path MTU discovery is enabled by default in Linux, and possibly other
operating systems.
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
