summaryrefslogtreecommitdiffstats
path: root/man/man7/icmp.7
diff options
context:
space:
mode:
Diffstat (limited to 'man/man7/icmp.7')
-rw-r--r--man/man7/icmp.7196
1 files changed, 196 insertions, 0 deletions
diff --git a/man/man7/icmp.7 b/man/man7/icmp.7
new file mode 100644
index 0000000..f197547
--- /dev/null
+++ b/man/man7/icmp.7
@@ -0,0 +1,196 @@
+'\" t
+.\" SPDX-License-Identifier: Linux-man-pages-1-para
+.\"
+.\" This man page is Copyright (C) 1999 Andi Kleen <ak@muc.de>.
+.\"
+.\" $Id: icmp.7,v 1.6 2000/08/14 08:03:45 ak Exp $
+.\"
+.TH icmp 7 2024-05-02 "Linux man-pages (unreleased)"
+.SH NAME
+icmp \- Linux IPv4 ICMP kernel module.
+.SH DESCRIPTION
+This kernel protocol module implements the Internet Control
+Message Protocol defined in RFC\ 792.
+It is used to signal error conditions and for diagnosis.
+The user doesn't interact directly with this module;
+instead it communicates with the other protocols in the kernel
+and these pass the ICMP errors to the application layers.
+The kernel ICMP module also answers ICMP requests.
+.P
+A user protocol may receive ICMP packets for all local sockets by opening
+a raw socket with the protocol
+.BR IPPROTO_ICMP .
+See
+.BR raw (7)
+for more information.
+The types of ICMP packets passed to the socket can be filtered using the
+.B ICMP_FILTER
+socket option.
+ICMP packets are always processed by the kernel too, even
+when passed to a user socket.
+.P
+Linux limits the rate of ICMP error packets to each destination.
+.B ICMP_REDIRECT
+and
+.B ICMP_DEST_UNREACH
+are also limited by the destination route of the incoming packets.
+.SS /proc interfaces
+ICMP supports a set of
+.I /proc
+interfaces to configure some global IP parameters.
+The parameters can be accessed by reading or writing files in the directory
+.IR /proc/sys/net/ipv4/ .
+Most of these parameters are rate limitations for specific ICMP types.
+Linux 2.2 uses a token bucket filter to limit ICMPs.
+.\" FIXME . better description needed
+The value is the timeout in jiffies until the token bucket filter is
+cleared after a burst.
+A jiffy is a system dependent unit, usually 10ms on i386 and
+about 1ms on alpha and ia64.
+.TP
+.IR icmp_destunreach_rate " (Linux 2.2 to Linux 2.4.9)"
+.\" Precisely: from Linux 2.1.102
+Maximum rate to send ICMP Destination Unreachable packets.
+This limits the rate at which packets are sent to any individual
+route or destination.
+The limit does not affect sending of
+.B ICMP_FRAG_NEEDED
+packets needed for path MTU discovery.
+.TP
+.IR icmp_echo_ignore_all " (since Linux 2.2)"
+.\" Precisely: 2.1.68
+If this value is nonzero, Linux will ignore all
+.B ICMP_ECHO
+requests.
+.TP
+.IR icmp_echo_ignore_broadcasts " (since Linux 2.2)"
+.\" Precisely: from Linux 2.1.68
+If this value is nonzero, Linux will ignore all
+.B ICMP_ECHO
+packets sent to broadcast addresses.
+.TP
+.IR icmp_echoreply_rate " (Linux 2.2 to Linux 2.4.9)"
+.\" Precisely: from Linux 2.1.102
+Maximum rate for sending
+.B ICMP_ECHOREPLY
+packets in response to
+.B ICMP_ECHOREQUEST
+packets.
+.TP
+.IR icmp_errors_use_inbound_ifaddr " (Boolean; default: disabled; since Linux 2.6.12)"
+.\" The following taken from Linux 2.6.28-rc4 Documentation/networking/ip-sysctl.txt
+If disabled, ICMP error messages are sent with the primary address of
+the exiting interface.
+.IP
+If enabled, the message will be sent with the primary address of
+the interface that received the packet that caused the ICMP error.
+This is the behavior that many network administrators will expect from
+a router.
+And it can make debugging complicated network layouts much easier.
+.IP
+Note that if no primary address exists for the interface selected,
+then the primary address of the first non-loopback interface that
+has one will be used regardless of this setting.
+.TP
+.IR icmp_ignore_bogus_error_responses " (Boolean; default: disabled; since Linux 2.2)"
+.\" precisely: since Linux 2.1.32
+.\" The following taken from Linux 2.6.28-rc4 Documentation/networking/ip-sysctl.txt
+Some routers violate RFC1122 by sending bogus responses to broadcast frames.
+Such violations are normally logged via a kernel warning.
+If this parameter is enabled, the kernel will not give such warnings,
+which will avoid log file clutter.
+.TP
+.IR icmp_paramprob_rate " (Linux 2.2 to Linux 2.4.9)"
+.\" Precisely: from Linux 2.1.102
+Maximum rate for sending
+.B ICMP_PARAMETERPROB
+packets.
+These packets are sent when a packet arrives with an invalid IP header.
+.TP
+.IR icmp_ratelimit " (integer; default: 1000; since Linux 2.4.10)"
+.\" The following taken from Linux 2.6.28-rc4 Documentation/networking/ip-sysctl.txt
+Limit the maximum rates for sending ICMP packets whose type matches
+.I icmp_ratemask
+(see below) to specific targets.
+0 to disable any limiting,
+otherwise the minimum space between responses in milliseconds.
+.TP
+.IR icmp_ratemask " (integer; default: see below; since Linux 2.4.10)"
+.\" The following taken from Linux 2.6.28-rc4 Documentation/networking/ip-sysctl.txt
+Mask made of ICMP types for which rates are being limited.
+.IP
+Significant bits: IHGFEDCBA9876543210
+.br
+Default mask: 0000001100000011000 (0x1818)
+.IP
+Bit definitions (see the Linux kernel source file
+.IR include/linux/icmp.h ):
+.RS 12
+.TS
+l l.
+0 Echo Reply
+3 Destination Unreachable *
+4 Source Quench *
+5 Redirect
+8 Echo Request
+B Time Exceeded *
+C Parameter Problem *
+D Timestamp Request
+E Timestamp Reply
+F Info Request
+G Info Reply
+H Address Mask Request
+I Address Mask Reply
+.TE
+.RE
+.P
+The bits marked with an asterisk are rate limited by default
+(see the default mask above).
+.TP
+.IR icmp_timeexceed_rate " (Linux 2.2 to Linux 2.4.9)"
+Maximum rate for sending
+.B ICMP_TIME_EXCEEDED
+packets.
+These packets are
+sent to prevent loops when a packet has crossed too many hops.
+.TP
+.IR ping_group_range " (two integers; default: see below; since Linux 2.6.39)"
+Range of the group IDs (minimum and maximum group IDs, inclusive)
+that are allowed to create ICMP Echo sockets.
+The default is "1 0", which
+means no group is allowed to create ICMP Echo sockets.
+.SH VERSIONS
+Support for the
+.B ICMP_ADDRESS
+request was removed in Linux 2.2.
+.P
+Support for
+.B ICMP_SOURCE_QUENCH
+was removed in Linux 2.2.
+.SH NOTES
+As many other implementations don't support
+.B IPPROTO_ICMP
+raw sockets, this feature
+should not be relied on in portable programs.
+.\" not really true ATM
+.\" .P
+.\" Linux ICMP should be compliant to RFC 1122.
+.P
+.B ICMP_REDIRECT
+packets are not sent when Linux is not acting as a router.
+They are also accepted only from the old gateway defined in the
+routing table and the redirect routes are expired after some time.
+.P
+The 64-bit timestamp returned by
+.B ICMP_TIMESTAMP
+is in milliseconds since the Epoch, 1970-01-01 00:00:00 +0000 (UTC).
+.P
+Linux ICMP internally uses a raw socket to send ICMPs.
+This raw socket may appear in
+.BR netstat (8)
+output with a zero inode.
+.SH SEE ALSO
+.BR ip (7),
+.BR rdisc (8)
+.P
+RFC\ 792 for a description of the ICMP protocol.