Brocade Communications Systems ServerIron ADX 12.4.00a User Manual
Page 95
ServerIron ADX Security Guide
81
53-1002440-03
ACLs and ICMP
2
The deny | permit parameter indicates whether packets that match the policy are dropped or
forwarded.
You can either use the <icmp-type> and enter the name of the message type or use the
<icmp-type-number> <icmp-ode-number> parameter and enter the type number and code number
of the message. Refer to
Table 5
for valid values.
NOTE
“X” in the Type-Number or Code-Number column in
Table 5
means the device filters any traffic of that
ICMP message type.
TABLE 5
ICMP message types and codes
ICMP message type
Type
Code
administratively-prohibited
3
13
any-icmp-type
x
x
destination-host-prohibited
3
10
destination-host-unknown
3
7
destination-net-prohibited
3
9
destination-network-unknown
3
6
echo
8
0
echo-reply
0
0
general-parameter-problem
NOTE: This message type indicates that required
option is missing.
12
1
host-precedence-violation
3
14
host-redirect
5
1
host-tos-redirect
5
3
host-tos-unreachable
3
12
host-unreachable
3
1
information-request
15
0
log
mask-reply
18
0
mask-request
17
0
net-redirect
5
0
net-tos-redirect
5
2
net-tos-unreachable
3
11
net-unreachable
3
0
packet-too-big 3
4
parameter-problem
NOTE: This message includes all parameter problems
12
0
port-unreachable
3
3
precedence-cutoff
3
15