> Is there a way (using kernel 2.0.x) to block types of icmp with the
> firewalling code? i.e. say I have a multiport linux router and want to
> block just icmp echo request and echo reply. Is there an easy way to do
> it?
This is a good idea, especially considering the moderately recent article in
phrack about 'telnet tunneling via ICMP echo'. Note that echo's aren't
the only ICMP responses with problems, since many of the others also
include information as to 'the first 6 bytes of the data packet'. A
change that allowed you zero them out would be a good option, but I
don't know if TCP stacks rely on them... (I would guess not, but
we may break some poor TCP stack)
Oskar