Hacker News new | ask | show | jobs
by sdeziel 2572 days ago
From the article: "This drops all ICMP packets. ICMP is only used to ping a host to find out if it’s still alive."

Please stop this non-sense, there are too many ICMP blackholes already.
1 comments
kazen44 2572 days ago
if you are running IPv6, disabling ICMP is a very bad idea because it disables MTU path discovery.

don't be lazy, don't drop ICMP and just do proper filtering.

link
fulafel 2571 days ago
Same for ipv4.
link