]>
Commit | Line | Data |
---|---|---|
fea681da MK |
1 | .\" This man page is Copyright (C) 1999 Andi Kleen <ak@muc.de>. |
2 | .\" Permission is granted to distribute possibly modified copies | |
3 | .\" of this page provided the header is included verbatim, | |
4 | .\" and in case of nontrivial modification author and date | |
5 | .\" of the modification is added to the header. | |
6 | .\" $Id: icmp.7,v 1.6 2000/08/14 08:03:45 ak Exp $ | |
920a509f | 7 | .TH ICMP 7 2008-11-24 "Linux" "Linux Programmer's Manual" |
fea681da | 8 | .SH NAME |
c13182ef | 9 | icmp, IPPROTO_ICMP \- Linux IPv4 ICMP kernel module. |
fea681da | 10 | .SH DESCRIPTION |
c13182ef MK |
11 | This kernel protocol module implements the Internet Control |
12 | Message Protocol defined in RFC\ 792. | |
56185b42 | 13 | It is used to signal error conditions and for diagnosis. |
c13182ef MK |
14 | The user doesn't interact directly with this module; |
15 | instead it communicates with the other protocols in the kernel | |
16 | and these pass the ICMP errors to the application layers. | |
56185b42 | 17 | The kernel ICMP module also answers ICMP requests. |
fea681da MK |
18 | .PP |
19 | A user protocol may receive ICMP packets for all local sockets by opening | |
c13182ef | 20 | a raw socket with the protocol |
fea681da MK |
21 | .BR IPPROTO_ICMP . |
22 | See | |
23 | .BR raw (7) | |
24 | for more information. | |
25 | The types of ICMP packets passed to the socket can be filtered using the | |
c13182ef MK |
26 | .B ICMP_FILTER |
27 | socket option. | |
28 | ICMP packets are always processed by the kernel too, even | |
fea681da MK |
29 | when passed to a user socket. |
30 | .LP | |
31 | Linux limits the rate of ICMP error packets to each destination. | |
32 | .B ICMP_REDIRECT | |
33 | and | |
34 | .B ICMP_DEST_UNREACH | |
35 | are also limited by the destination route of the incoming packets. | |
5a2ff571 MK |
36 | .SS /proc interfaces |
37 | ICMP supports a set of | |
38 | .I /proc | |
39 | interfaces to configure some global IP parameters. | |
40 | The parameters can be accessed by reading or writing files in the directory | |
41 | .IR /proc/sys/net/ipv4/ . | |
42 | Most of these parameters are rate limitations for specific ICMP types. | |
c13182ef | 43 | Linux 2.2 uses a token bucket filter to limit ICMPs. |
218e46f8 | 44 | .\" FIXME better description needed |
c13182ef MK |
45 | The value is the timeout in jiffies until the token bucket filter is |
46 | cleared after a burst. | |
34ccb744 | 47 | A jiffy is a system dependent unit, usually 10ms on i386 and |
22399250 | 48 | about 1ms on alpha and ia64. |
fea681da | 49 | .TP |
920a509f MK |
50 | .IR icmp_destunreach_rate " (Linux 2.2 to 2.4.10)" |
51 | .\" Precisely: from 2.1.102 | |
c13182ef MK |
52 | Maximum rate to send ICMP Destination Unreachable packets. |
53 | This limits the rate at which packets are sent to any individual | |
56185b42 | 54 | route or destination. |
fea681da MK |
55 | The limit does not affect sending of |
56 | .B ICMP_FRAG_NEEDED | |
57 | packets needed for path MTU discovery. | |
58 | .TP | |
920a509f MK |
59 | .IR icmp_echo_ignore_all " (since Linux 2.2)" |
60 | .\" Precisely: 2.1.68 | |
eba72288 | 61 | If this value is non-zero, Linux will ignore all |
fea681da | 62 | .B ICMP_ECHO |
c13182ef | 63 | requests. |
fea681da | 64 | .TP |
920a509f MK |
65 | .IR icmp_echo_ignore_broadcasts " (since Linux 2.2)" |
66 | .\" Precisely: from 2.1.68 | |
eba72288 | 67 | If this value is non-zero, Linux will ignore all |
fea681da | 68 | .B ICMP_ECHO |
c13182ef | 69 | packets sent to broadcast addresses. |
fea681da | 70 | .TP |
920a509f MK |
71 | .IR icmp_echoreply_rate " (Linux 2.2 to 2.4.10)" |
72 | .\" Precisely: from 2.1.102 | |
fea681da MK |
73 | Maximum rate for sending |
74 | .B ICMP_ECHOREPLY | |
c13182ef | 75 | packets in response to |
fea681da MK |
76 | .B ICMP_ECHOREQUEST |
77 | packets. | |
78 | .TP | |
920a509f MK |
79 | .I icmp_paramprob_rate " (Linux 2.2 to 2.4.10)" |
80 | .\" Precisely: from 2.1.102 | |
fea681da MK |
81 | Maximum rate for sending |
82 | .B ICMP_PARAMETERPROB | |
83 | packets. | |
84 | These packets are sent when a packet arrives with an invalid IP header. | |
85 | .TP | |
730f3ab2 MK |
86 | .IR icmp_ratelimit " (integer; default: 1000; since Linux 2.4.10)" |
87 | .\" The following taken from 2.6.28-rc4 Documentation/networking/ip-sysctl.txt | |
88 | Limit the maximum rates for sending ICMP packets whose type matches | |
89 | .IR icmp_ratemask | |
90 | (see below) to specific targets. | |
91 | 0 to disable any limiting, | |
92 | otherwise the minimum space between responses in milliseconds. | |
93 | .TP | |
94 | .IR icmp_ratemask " (integer; default: see below; since Linux 2.4.10)" | |
95 | .\" The following taken from 2.6.28-rc4 Documentation/networking/ip-sysctl.txt | |
96 | Mask made of ICMP types for which rates are being limited. | |
97 | ||
98 | Significant bits: IHGFEDCBA9876543210 | |
99 | .br | |
100 | Default mask: 0000001100000011000 (0x1818) | |
101 | ||
102 | Bit definitions (see the kernel source file | |
103 | .IR include/linux/icmp.h ): | |
104 | ||
105 | .in +4n | |
106 | .nf | |
107 | 0 Echo Reply | |
108 | 3 Destination Unreachable * | |
109 | 4 Source Quench * | |
110 | 5 Redirect | |
111 | 8 Echo Request | |
112 | B Time Exceeded * | |
113 | C Parameter Problem * | |
114 | D Timestamp Request | |
115 | E Timestamp Reply | |
116 | F Info Request | |
117 | G Info Reply | |
118 | H Address Mask Request | |
119 | I Address Mask Reply | |
120 | .fi | |
121 | .in | |
122 | ||
123 | The bits marked with an asterisk are rate limited by default | |
124 | (see the default mask above). | |
125 | .TP | |
920a509f | 126 | .IR icmp_timeexceed_rate " (Linux 2.2 to 2.4.10)" |
fea681da MK |
127 | Maximum rate for sending |
128 | .B ICMP_TIME_EXCEEDED | |
c13182ef MK |
129 | packets. |
130 | These packets are | |
131 | sent to prevent loops when a packet has crossed too many hops. | |
2b2581ee MK |
132 | .SH VERSIONS |
133 | Support for the | |
134 | .B ICMP_ADDRESS | |
135 | request was removed in 2.2. | |
136 | .PP | |
137 | Support for | |
138 | .B ICMP_SOURCE_QUENCH | |
139 | was removed in Linux 2.2. | |
fea681da | 140 | .SH NOTES |
c13182ef MK |
141 | As many other implementations don't support |
142 | .B IPPROTO_ICMP | |
fea681da MK |
143 | raw sockets, this feature |
144 | should not be relied on in portable programs. | |
145 | .\" not really true ATM | |
146 | .\" .PP | |
c9d79ca8 | 147 | .\" Linux ICMP should be compliant to RFC 1122. |
fea681da MK |
148 | .PP |
149 | .B ICMP_REDIRECT | |
150 | packets are not sent when Linux is not acting as a router. | |
c13182ef | 151 | They are also only accepted from the old gateway defined in the |
56185b42 | 152 | routing table and the redirect routes are expired after some time. |
fea681da MK |
153 | .PP |
154 | The 64-bit timestamp returned by | |
155 | .B ICMP_TIMESTAMP | |
156 | is in milliseconds since January 1, 1970. | |
157 | .PP | |
c13182ef | 158 | Linux ICMP internally uses a raw socket to send ICMPs. |
56185b42 | 159 | This raw socket may appear in |
fea681da MK |
160 | .BR netstat (8) |
161 | output with a zero inode. | |
fea681da MK |
162 | .SH "SEE ALSO" |
163 | .BR ip (7) | |
164 | .PP | |
c9d79ca8 | 165 | RFC\ 792 for a description of the ICMP protocol. |