Хотите чтобы ваша FreeBSD отвечала на ICMP запросы?
Достаточно добавить пару строчек длярешения этой задачи:
# анонсируем на какие типы icmp запросов отвечать
icmp_types = «{0, 3, 4, 8, 11 }»
# собственно разрешаем прием запросов
pass in inet proto icmp all icmp-type $icmp_types keep state
Перегружаем правила pf:
# pfctl -f /etc/pf.conf
Все, ваш сервер отвечает на пинги.
Полная таблица ICMP запросов:
| ТИП | КОД | Описание | Запрос | Ошибка |
|---|---|---|---|---|
| 0 | 0 | Echo Reply | x | |
| 3 | 0 | Network Unreachable | x | |
| 3 | 1 | Host Unreachable | x | |
| 3 | 2 | Protocol Unreachable | x | |
| 3 | 3 | Port Unreachable | x | |
| 3 | 4 | Fragmentation needed but no frag. bit set | x | |
| 3 | 5 | Source routing failed | x | |
| 3 | 6 | Destination network unknown | x | |
| 3 | 7 | Destination host unknown | x | |
| 3 | 8 | Source host isolated (obsolete) | x | |
| 3 | 9 | Destination network administratively prohibited | x | |
| 3 | 10 | Destination host administratively prohibited | x | |
| 3 | 11 | Network unreachable for TOS | x | |
| 3 | 12 | Host unreachable for TOS | x | |
| 3 | 13 | Communication administratively prohibited by filtering | x | |
| 3 | 14 | Host precedence violation | x | |
| 3 | 15 | Precedence cutoff in effect | x | |
| 4 | 0 | Source quench | ||
| 5 | 0 | Redirect for network | ||
| 5 | 1 | Redirect for host | ||
| 5 | 2 | Redirect for TOS and network | ||
| 5 | 3 | Redirect for TOS and host | ||
| 8 | 0 | Echo request | x | |
| 9 | 0 | Router advertisement | ||
| 10 | 0 | Route solicitation | ||
| 11 | 0 | TTL equals 0 during transit | x | |
| 11 | 1 | TTL equals 0 during reassembly | x | |
| 12 | 0 | IP header bad (catchall error) | x | |
| 12 | 1 | Required options missing | x | |
| 13 | 0 | Timestamp request (obsolete) | x | |
| 14 | Timestamp reply (obsolete) | x | ||
| 15 | 0 | Information request (obsolete) | x | |
| 16 | 0 | Information reply (obsolete) | x | |
| 17 | 0 | Address mask request | x | |
| 18 | 0 | Address mask reply | x |
Type 0 Echo-reply
Type 1 Unassigned
Type 2 Unassigned
Type 3 Destination-unreachable
Code 0 network-unreachable
Code 1 host-unreachable
Code 2 protocol-unreachable
Code 3 port-unreachable
Code 4 fragmentation-needed
Code 5 source-route-failed
Code 6 network-unknown
Code 7 host-unknown
Code 8 network-prohibited
Code 9 host-prohibited
Code 10 TOS-network-unreachable
Code 11 TOS-host-unreachable
Code 12 communication-prohibited
Code 13 host-precedence-violation
Code 14 precedence-cutoff
Type 4 Source-quench
Type 5 Redirect
Code 0 network-redirect
Code 1 host-redirect
Code 2 TOS-network-redirect
Code 3 TOS-host-redirect
Type 6 Alternate Host Address
Type 7 Unassigned
Type 8 Echo-request
Type 9 Router-advertisement
Type 10 Router-solicitation
Type 11 Time-exceeded
Code 0 ttl-zero-during-transit
Code 1 ttl-zero-during-reassembly
Type 12 Parameter-problem
Code 0 ip-header-bad
Code 1 required-option-missing
Type 13 Timestamp-request
Type 14 Timestamp-reply
Type 15 Information Request
Type 16 Information Reply
Type 17 Address-mask-request
Type 18 Address-mask-reply
Type 19 Reserved
Type 20-29 Reserved
Type 30 Traceroute
Type 31 Datagram Conversion Error
Type 32 Mobile Host Redirect
Type 33 IPv6 Where-Are-You
Type 34 IPv6 I-Am-Here
Type 35 Mobile Registration Request
Type 36 Mobile Registration Reply
Type 37 Domain Name Request
Type 38 Domain Name Reply
Type 39 SKIP
Type 40 Security Failures
и не думал что кто-то читает этот блог…