Brocade Communications Systems ServerIron ADX 12.4.00a User Manual

ServerIron ADX Security Guide

81

53-1002440-03

ACLs and ICMP

2

The deny | permit parameter indicates whether packets that match the policy are dropped or
forwarded.

You can either use the and enter the name of the message type or use the
parameter and enter the type number and code number
of the message. Refer to

Table 5

for valid values.

NOTE

“X” in the Type-Number or Code-Number column in

Table 5

means the device filters any traffic of that

ICMP message type.

TABLE 5

ICMP message types and codes

ICMP message type

Type

Code

administratively-prohibited

3

13

any-icmp-type

x

x

destination-host-prohibited

3

10

destination-host-unknown

3

7

destination-net-prohibited

3

9

destination-network-unknown

3

6

echo

8

0

echo-reply

0

0

general-parameter-problem
NOTE: This message type indicates that required

option is missing.

12

1

host-precedence-violation

3

14

host-redirect

5

1

host-tos-redirect

5

3

host-tos-unreachable

3

12

host-unreachable

3

1

information-request

15

0

log

mask-reply

18

0

mask-request

17

0

net-redirect

5

0

net-tos-redirect

5

2

net-tos-unreachable

3

11

net-unreachable

3

0

packet-too-big 3

4

parameter-problem
NOTE: This message includes all parameter problems

12

0

port-unreachable

3

3

precedence-cutoff

3

15