|Newer page:||version 4||Last edited on Thursday, April 12, 2007 3:04:58 pm||by BenStaz|
|Older page:||version 3||Last edited on Tuesday, June 1, 2004 11:38:26 pm||by PerryLorier||Revert|
@@ -1,9 +1,11 @@
[ICMP] reason subcode 0, used with ICMP reason code 3 to explain why a DestinationUnreachable message was sent.
It is usally generated by a gateway when it does not have a route for the destination specified in the IP packet that caused the error.
Note a server with a default gateway won't ever issue this message (since it always has a route for packets...).
Reject routes can also solicit this error. I recommend you add the routes below to any machine that is physically on the internet. It'll make any packet that doesn't have a more specific route (via some VPN, or locally connected machine) generate an [ICMP] DestinationNetworkUnreachable message and not just leak random IP's out onto the Internet.
route add -net 10.0.0.0/8 reject metric 10000
route add -net 192.168.0.0/16 reject metric 10000