|
||||||||
On Thu, 06 Jul 2006 12:59:41 +0000 "Soren Vanggaard Jensen" <svanggaard at hotmail dot com> wrote: > It seems my case is getting stronger. Your posts and my uptime (now >6 days, 6 hours - usually less than 2 days) since blocking all ICMP >traffic. > Now, why is it that some (most) monowall installations dos not >freeze even though outbound ICMP is allowed by default rules? I think >there could be 2 reasons: > 1) The problem only occurs under heavy load conditions > 2) The problem occurs only when a junk router, Accesspoint or PC >(internet or LAN) does not handle fragmentation correctly. Or junk PC. I have seen PCs with dieing nics send some bad stuff and knock down an entire network. Lee |