Re: ICMP handling in Linux
- From: Henrique de Moraes Holschuh <hmh@xxxxxxxxxx>
- Date: Sat, 14 Apr 2012 07:42:11 -0300
On Sat, 14 Apr 2012, Pascal Hambourg wrote:
Henrique de Moraes Holschuh a écrit :
Easy depriorizing is possible by outright dropping incoming ICMP packets
in the iptables layer, before it is processed by the IP stack.
iptables is not before the IP stack, it is a part of it.
I suppose you're correct, since it is the IPv4-specific part of netfilter,
and it does hook into several places of the IP stack, and it knows IPv4.
I should probably have written it as "drop it in the RAW table, which
happens very early in the packet's processing by the IP stack."
--
"One disk to rule them all, One disk to find them. One disk to bring
them all and in the darkness grind them. In the Land of Redmond
where the shadows lie." -- The Silicon Valley Tarot
Henrique Holschuh
--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx
with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx
Archive: http://lists.debian.org/20120414104211.GA22597@xxxxxxxxxxxxxxxxxxxxx
- References:
- ICMP handling in Linux
- From: Martin T
- Re: ICMP handling in Linux
- From: Henrique de Moraes Holschuh
- Re: ICMP handling in Linux
- From: Pascal Hambourg
- ICMP handling in Linux
- Prev by Date: Re: Squid as default gateway in proxy mode.
- Next by Date: Re: Disk clicking and in increasing Load_Cycle_Count in laptop with debian/testing
- Previous by thread: Re: ICMP handling in Linux
- Next by thread: Re: ICMP handling in Linux
- Index(es):
Relevant Pages
|
