Hi Manuel,

Manuel Kasper wrote on Sun, Aug 22 2004:

>>The color on the php-page is always red, ipfw always shows "block".

>This happens when you select neither "TCP" nor "UDP" as the protocol
>and is explained on the rule edit page.

Sorry for the stupid question, I'm really ashamed that I did not read
the text carefully enough. Of course you're right, it works fine now.

>>2. I'd like to have a distinction for ICMP sub-types. I e.g. want to
>>allow type 3 (DF needed, PMTU discovery) and disallow type 5 (ICMP
>>redirect).

>Will be considered.

Thank you. I realize that it might be a "geek" feature and too
complicated for normal users, since they probably wouldn't know what
to configure here.

Maybe a simple (optional) flag "strip DF flag on outgoing packets"
would be

1. more easy to implement in e.g. "advanced setup" and
2. not as complicated, meaning less impact on user-friendliness?

Then one could completely ignore/drop ICMP without being a bad
netizen. It might be even a good idea, to enable such a "strip DF"
flag by default, since most people probably have no explicit ICMP
rules (meaning they drop ICMP-type 3).

Please note that I'm not trying to harrass/annoy you, simply offering
something to think about. Whether you consider/implement stuff is of
course totally up to you.

Anyway: thanks again for all your great work, which is very much
appreciated.

Kind regards

Frederick