[thirdparty/man-pages.git] / man7 / icmp.7

.\" This man page is Copyright (C) 1999 Andi Kleen <ak@muc.de>.
.\" Permission is granted to distribute possibly modified copies
.\" of this page provided the header is included verbatim,
.\" and in case of nontrivial modification author and date
.\" of the modification is added to the header.
.\" $Id: icmp.7,v 1.6 2000/08/14 08:03:45 ak Exp $
.TH ICMP 7 2008-11-24 "Linux" "Linux Programmer's Manual"
.SH NAME
icmp, IPPROTO_ICMP \- Linux IPv4 ICMP kernel module.
.SH DESCRIPTION
This kernel protocol module implements the Internet Control
Message Protocol defined in RFC\ 792.
It is used to signal error conditions and for diagnosis.
The user doesn't interact directly with this module;
instead it communicates with the other protocols in the kernel
and these pass the ICMP errors to the application layers.
The kernel ICMP module also answers ICMP requests.
.PP
A user protocol may receive ICMP packets for all local sockets by opening
a raw socket with the protocol
.BR IPPROTO_ICMP .
See
.BR raw (7)
for more information.
The types of ICMP packets passed to the socket can be filtered using the
.B ICMP_FILTER
socket option.
ICMP packets are always processed by the kernel too, even
when passed to a user socket.
.LP
Linux limits the rate of ICMP error packets to each destination.
.B ICMP_REDIRECT
and
.B ICMP_DEST_UNREACH
are also limited by the destination route of the incoming packets.
.SS /proc interfaces
ICMP supports a set of
.I /proc
interfaces to configure some global IP parameters.
The parameters can be accessed by reading or writing files in the directory
.IR /proc/sys/net/ipv4/ .
Most of these parameters are rate limitations for specific ICMP types.
Linux 2.2 uses a token bucket filter to limit ICMPs.
.\" FIXME better description needed
The value is the timeout in jiffies until the token bucket filter is
cleared after a burst.
A jiffy is a system dependent unit, usually 10ms on i386 and
about 1ms on alpha and ia64.
.TP
.IR icmp_destunreach_rate " (Linux 2.2 to 2.4.10)"
.\" Precisely: from 2.1.102
Maximum rate to send ICMP Destination Unreachable packets.
This limits the rate at which packets are sent to any individual
route or destination.
The limit does not affect sending of
.B ICMP_FRAG_NEEDED
packets needed for path MTU discovery.
.TP
.IR icmp_echo_ignore_all " (since Linux 2.2)"
.\" Precisely: 2.1.68
If this value is non-zero, Linux will ignore all
.B ICMP_ECHO
requests.
.TP
.IR icmp_echo_ignore_broadcasts " (since Linux 2.2)"
.\" Precisely: from 2.1.68
If this value is non-zero, Linux will ignore all
.B ICMP_ECHO
packets sent to broadcast addresses.
.TP
.IR icmp_echoreply_rate " (Linux 2.2 to 2.4.10)"
.\" Precisely: from 2.1.102
Maximum rate for sending
.B ICMP_ECHOREPLY
packets in response to
.B ICMP_ECHOREQUEST
packets.
.TP
.I icmp_paramprob_rate " (Linux 2.2 to 2.4.10)"
.\" Precisely: from 2.1.102
Maximum rate for sending
.B ICMP_PARAMETERPROB
packets.
These packets are sent when a packet arrives with an invalid IP header.
.TP
.IR icmp_ratelimit " (integer; default: 1000; since Linux 2.4.10)"
.\" The following taken from 2.6.28-rc4 Documentation/networking/ip-sysctl.txt
Limit the maximum rates for sending ICMP packets whose type matches
.IR icmp_ratemask
(see below) to specific targets.
0 to disable any limiting,
otherwise the minimum space between responses in milliseconds.
.TP
.IR icmp_ratemask " (integer; default: see below; since Linux 2.4.10)"
.\" The following taken from 2.6.28-rc4 Documentation/networking/ip-sysctl.txt
Mask made of ICMP types for which rates are being limited.

Significant bits: IHGFEDCBA9876543210
.br
Default mask:     0000001100000011000 (0x1818)

Bit definitions (see the kernel source file
.IR include/linux/icmp.h ):

.in +4n
.nf
0 Echo Reply
3 Destination Unreachable *
4 Source Quench *
5 Redirect
8 Echo Request
B Time Exceeded *
C Parameter Problem *
D Timestamp Request
E Timestamp Reply
F Info Request
G Info Reply
H Address Mask Request
I Address Mask Reply
.fi
.in

The bits marked with an asterisk are rate limited by default
(see the default mask above).
.TP
.IR icmp_timeexceed_rate " (Linux 2.2 to 2.4.10)"
Maximum rate for sending
.B ICMP_TIME_EXCEEDED
packets.
These packets are
sent to prevent loops when a packet has crossed too many hops.
.SH VERSIONS
Support for the
.B ICMP_ADDRESS
request was removed in 2.2.
.PP
Support for
.B ICMP_SOURCE_QUENCH
was removed in Linux 2.2.
.SH NOTES
As many other implementations don't support
.B IPPROTO_ICMP
raw sockets, this feature
should not be relied on in portable programs.
.\" not really true ATM
.\" .PP
.\" Linux ICMP should be compliant to RFC 1122.
.PP
.B ICMP_REDIRECT
packets are not sent when Linux is not acting as a router.
They are also only accepted from the old gateway defined in the
routing table and the redirect routes are expired after some time.
.PP
The 64-bit timestamp returned by
.B ICMP_TIMESTAMP
is in milliseconds since January 1, 1970.
.PP
Linux ICMP internally uses a raw socket to send ICMPs.
This raw socket may appear in
.BR netstat (8)
output with a zero inode.
.SH "SEE ALSO"
.BR ip (7)
.PP
RFC\ 792 for a description of the ICMP protocol.
Commit	Line	Data
fea681da MK	1	.\" This man page is Copyright (C) 1999 Andi Kleen <ak@muc.de>.
	2	.\" Permission is granted to distribute possibly modified copies
	3	.\" of this page provided the header is included verbatim,
	4	.\" and in case of nontrivial modification author and date
	5	.\" of the modification is added to the header.
	6	.\" $Id: icmp.7,v 1.6 2000/08/14 08:03:45 ak Exp $
920a509f	7	.TH ICMP 7 2008-11-24 "Linux" "Linux Programmer's Manual"
fea681da	8	.SH NAME
c13182ef	9	icmp, IPPROTO_ICMP \- Linux IPv4 ICMP kernel module.
fea681da	10	.SH DESCRIPTION
c13182ef MK	11	This kernel protocol module implements the Internet Control
c13182ef MK	12	Message Protocol defined in RFC\ 792.
56185b42	13	It is used to signal error conditions and for diagnosis.
c13182ef MK	14	The user doesn't interact directly with this module;
	15	instead it communicates with the other protocols in the kernel
	16	and these pass the ICMP errors to the application layers.
56185b42	17	The kernel ICMP module also answers ICMP requests.
fea681da MK	18	.PP
fea681da MK	19	A user protocol may receive ICMP packets for all local sockets by opening
c13182ef	20	a raw socket with the protocol
fea681da MK	21	.BR IPPROTO_ICMP .
	22	See
	23	.BR raw (7)
	24	for more information.
	25	The types of ICMP packets passed to the socket can be filtered using the
c13182ef MK	26	.B ICMP_FILTER
	27	socket option.
	28	ICMP packets are always processed by the kernel too, even
fea681da MK	29	when passed to a user socket.
	30	.LP
	31	Linux limits the rate of ICMP error packets to each destination.
	32	.B ICMP_REDIRECT
	33	and
	34	.B ICMP_DEST_UNREACH
	35	are also limited by the destination route of the incoming packets.
5a2ff571 MK	36	.SS /proc interfaces
	37	ICMP supports a set of
	38	.I /proc
	39	interfaces to configure some global IP parameters.
	40	The parameters can be accessed by reading or writing files in the directory
	41	.IR /proc/sys/net/ipv4/ .
	42	Most of these parameters are rate limitations for specific ICMP types.
c13182ef	43	Linux 2.2 uses a token bucket filter to limit ICMPs.
218e46f8	44	.\" FIXME better description needed
c13182ef MK	45	The value is the timeout in jiffies until the token bucket filter is
c13182ef MK	46	cleared after a burst.
34ccb744	47	A jiffy is a system dependent unit, usually 10ms on i386 and
22399250	48	about 1ms on alpha and ia64.
fea681da	49	.TP
920a509f MK	50	.IR icmp_destunreach_rate " (Linux 2.2 to 2.4.10)"
920a509f MK	51	.\" Precisely: from 2.1.102
c13182ef MK	52	Maximum rate to send ICMP Destination Unreachable packets.
c13182ef MK	53	This limits the rate at which packets are sent to any individual
56185b42	54	route or destination.
fea681da MK	55	The limit does not affect sending of
	56	.B ICMP_FRAG_NEEDED
	57	packets needed for path MTU discovery.
	58	.TP
920a509f MK	59	.IR icmp_echo_ignore_all " (since Linux 2.2)"
920a509f MK	60	.\" Precisely: 2.1.68
eba72288	61	If this value is non-zero, Linux will ignore all
fea681da	62	.B ICMP_ECHO
c13182ef	63	requests.
fea681da	64	.TP
920a509f MK	65	.IR icmp_echo_ignore_broadcasts " (since Linux 2.2)"
920a509f MK	66	.\" Precisely: from 2.1.68
eba72288	67	If this value is non-zero, Linux will ignore all
fea681da	68	.B ICMP_ECHO
c13182ef	69	packets sent to broadcast addresses.
fea681da	70	.TP
920a509f MK	71	.IR icmp_echoreply_rate " (Linux 2.2 to 2.4.10)"
920a509f MK	72	.\" Precisely: from 2.1.102
fea681da MK	73	Maximum rate for sending
fea681da MK	74	.B ICMP_ECHOREPLY
c13182ef	75	packets in response to
fea681da MK	76	.B ICMP_ECHOREQUEST
	77	packets.
	78	.TP
920a509f MK	79	.I icmp_paramprob_rate " (Linux 2.2 to 2.4.10)"
920a509f MK	80	.\" Precisely: from 2.1.102
fea681da MK	81	Maximum rate for sending
	82	.B ICMP_PARAMETERPROB
	83	packets.
	84	These packets are sent when a packet arrives with an invalid IP header.
	85	.TP
730f3ab2 MK	86	.IR icmp_ratelimit " (integer; default: 1000; since Linux 2.4.10)"
	87	.\" The following taken from 2.6.28-rc4 Documentation/networking/ip-sysctl.txt
	88	Limit the maximum rates for sending ICMP packets whose type matches
	89	.IR icmp_ratemask
	90	(see below) to specific targets.
	91	0 to disable any limiting,
	92	otherwise the minimum space between responses in milliseconds.
	93	.TP
	94	.IR icmp_ratemask " (integer; default: see below; since Linux 2.4.10)"
	95	.\" The following taken from 2.6.28-rc4 Documentation/networking/ip-sysctl.txt
	96	Mask made of ICMP types for which rates are being limited.
	97
	98	Significant bits: IHGFEDCBA9876543210
	99	.br
	100	Default mask: 0000001100000011000 (0x1818)
	101
	102	Bit definitions (see the kernel source file
	103	.IR include/linux/icmp.h ):
	104
	105	.in +4n
	106	.nf
	107	0 Echo Reply
	108	3 Destination Unreachable *
	109	4 Source Quench *
	110	5 Redirect
	111	8 Echo Request
	112	B Time Exceeded *
	113	C Parameter Problem *
	114	D Timestamp Request
	115	E Timestamp Reply
	116	F Info Request
	117	G Info Reply
	118	H Address Mask Request
	119	I Address Mask Reply
	120	.fi
	121	.in
	122
	123	The bits marked with an asterisk are rate limited by default
	124	(see the default mask above).
	125	.TP
920a509f	126	.IR icmp_timeexceed_rate " (Linux 2.2 to 2.4.10)"
fea681da MK	127	Maximum rate for sending
fea681da MK	128	.B ICMP_TIME_EXCEEDED
c13182ef MK	129	packets.
	130	These packets are
	131	sent to prevent loops when a packet has crossed too many hops.
2b2581ee MK	132	.SH VERSIONS
	133	Support for the
	134	.B ICMP_ADDRESS
	135	request was removed in 2.2.
	136	.PP
	137	Support for
	138	.B ICMP_SOURCE_QUENCH
	139	was removed in Linux 2.2.
fea681da	140	.SH NOTES
c13182ef MK	141	As many other implementations don't support
c13182ef MK	142	.B IPPROTO_ICMP
fea681da MK	143	raw sockets, this feature
	144	should not be relied on in portable programs.
	145	.\" not really true ATM
	146	.\" .PP
c9d79ca8	147	.\" Linux ICMP should be compliant to RFC 1122.
fea681da MK	148	.PP
	149	.B ICMP_REDIRECT
	150	packets are not sent when Linux is not acting as a router.
c13182ef	151	They are also only accepted from the old gateway defined in the
56185b42	152	routing table and the redirect routes are expired after some time.
fea681da MK	153	.PP
	154	The 64-bit timestamp returned by
	155	.B ICMP_TIMESTAMP
	156	is in milliseconds since January 1, 1970.
	157	.PP
c13182ef	158	Linux ICMP internally uses a raw socket to send ICMPs.
56185b42	159	This raw socket may appear in
fea681da MK	160	.BR netstat (8)
fea681da MK	161	output with a zero inode.
fea681da MK	162	.SH "SEE ALSO"
	163	.BR ip (7)
	164	.PP
c9d79ca8	165	RFC\ 792 for a description of the ICMP protocol.