[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pinging same host on the internet from two different LAN stations



Melameth, Daniel D. wrote:

Pejman Moghadam wrote:


Melameth, Daniel D. wrote :


FWIW, while I haven't looked into this in detail, it appears Windows
clients always use the same ICMP ID--512...


I think this is right, beacuse of this state entry :

self icmp 192.168.1.18:512 -> 1.2.3.4:512 -> 192.9.9.3:512 0:0

but i have not any problem with windows clients when i use ipfw in
freebsd or even iptables in linux.
why same ICMP ID(512) is so important for PF? how can i deal with
that ?



I don't know the specifics of any other these packet filters and haven't looked at any code, but I'd speculate that ipfw and iptables are proxying these ICMP IDs in some capacity similar to the way TCP ports are proxied and pf is just using the ICMP ID that is provided by the client.

Then again, I could be very wrong.

Danny




I have ran into this issue two days ago also.
We have a monitoring server that monitors a couple of server by sending pings, and is informing me when a server isn't reachable by sending me a sms.
But when an other hosts pings one of the servers the monitoring server can't ping the server anymore and is sending me a sms.
In this case the server isn't down..


Before i had a linux/iptables firewall box that doesn't have this problem.
I hope there's a fix for PF cause i think this is a very anoying issue.

Marcel