26 May
2017
26 May
'17
7:34 p.m.
Brian,
Nope...that shouldn't be blocked.
I need to read up...I believe what I understood David to ask is: if
someone continues to send IPENCAP packets to Old_AMPRGW, configure it to
send an ICMP Redirect in the future.
This should WORK, since the device sent the packet. I'm not sure what an
OS will do, though; or if the OS is handling the packet as normal (i.e.
some raw modes).
This is not considering a scenario if the OP EXPLICITLY blocks ICMP
(which in that case, it would fail anyway). My configuration should have
received the ICMP Type 5 (I believe 5.1) packet in return for the
IPENCAP I sent to Old_AMPRGW, I just don't know how LEDE would respond.
- KB3VWG
Don't most hosts and routers ignore ICMP
Redirects
out of security concerns these days?