isn't there a possibility (an event) to recognize icmp requests dropped
by the firewall.
Do you mean ICMP unreachables with "administratively prohibited" as the
subcode? Those should generate icmp_unreachable events *if* the firewall
is configured to send the ICMPs (it might instead just silently drop).
Vern
hi vern
> isn't there a possibility (an event) to recognize icmp requests dropped
> by the firewall.Do you mean ICMP unreachables with "administratively prohibited" as the
subcode? Those should generate icmp_unreachable events *if* the firewall
is configured to send the ICMPs (it might instead just silently drop).
i mean icmp timeouts. when you send an icmp request (ping) and nothing, abolutly
nothing comes back to you.
this could be when the firewall silently drops the packets or when a destination
host just not reacts.
by the way: silently drop or drop means the same to me. i thought that when a
firewall gives a negative answer like an icmp unreachable this is called a
reject.
greetz
christoph