1 .\" This man page is Copyright (C) 1999 Andi Kleen <ak@muc.de>.
2 .\" Permission is granted to distribute possibly modified copies
3 .\" of this page provided the header is included verbatim,
4 .\" and in case of nontrivial modification author and date
5 .\" of the modification is added to the header.
6 .\" $Id: icmp.7,v 1.6 2000/08/14 08:03:45 ak Exp $
7 .TH ICMP 7 2012-05-10 "Linux" "Linux Programmer's Manual"
9 icmp \- Linux IPv4 ICMP kernel module.
11 This kernel protocol module implements the Internet Control
12 Message Protocol defined in RFC\ 792.
13 It is used to signal error conditions and for diagnosis.
14 The user doesn't interact directly with this module;
15 instead it communicates with the other protocols in the kernel
16 and these pass the ICMP errors to the application layers.
17 The kernel ICMP module also answers ICMP requests.
19 A user protocol may receive ICMP packets for all local sockets by opening
20 a raw socket with the protocol
25 The types of ICMP packets passed to the socket can be filtered using the
28 ICMP packets are always processed by the kernel too, even
29 when passed to a user socket.
31 Linux limits the rate of ICMP error packets to each destination.
35 are also limited by the destination route of the incoming packets.
37 ICMP supports a set of
39 interfaces to configure some global IP parameters.
40 The parameters can be accessed by reading or writing files in the directory
41 .IR /proc/sys/net/ipv4/ .
42 Most of these parameters are rate limitations for specific ICMP types.
43 Linux 2.2 uses a token bucket filter to limit ICMPs.
44 .\" FIXME better description needed
45 The value is the timeout in jiffies until the token bucket filter is
46 cleared after a burst.
47 A jiffy is a system dependent unit, usually 10ms on i386 and
48 about 1ms on alpha and ia64.
50 .IR icmp_destunreach_rate " (Linux 2.2 to 2.4.9)"
51 .\" Precisely: from 2.1.102
52 Maximum rate to send ICMP Destination Unreachable packets.
53 This limits the rate at which packets are sent to any individual
55 The limit does not affect sending of
57 packets needed for path MTU discovery.
59 .IR icmp_echo_ignore_all " (since Linux 2.2)"
61 If this value is nonzero, Linux will ignore all
65 .IR icmp_echo_ignore_broadcasts " (since Linux 2.2)"
66 .\" Precisely: from 2.1.68
67 If this value is nonzero, Linux will ignore all
69 packets sent to broadcast addresses.
71 .IR icmp_echoreply_rate " (Linux 2.2 to 2.4.9)"
72 .\" Precisely: from 2.1.102
73 Maximum rate for sending
75 packets in response to
79 .IR icmp_errors_use_inbound_ifaddr " (Boolean; default: disabled; since Linux 2.6.12)"
80 .\" The following taken from 2.6.28-rc4 Documentation/networking/ip-sysctl.txt
81 If disabled, ICMP error messages are sent with the primary address of
82 the exiting interface.
84 If enabled, the message will be sent with the primary address of
85 the interface that received the packet that caused the ICMP error.
86 This is the behavior that many network administrators will expect from
88 And it can make debugging complicated network layouts much easier.
90 Note that if no primary address exists for the interface selected,
91 then the primary address of the first non-loopback interface that
92 has one will be used regardless of this setting.
94 .IR icmp_ignore_bogus_error_responses " (Boolean; default: disabled; since Linux 2.2)"
95 .\" precisely: since 2.1.32
96 .\" The following taken from 2.6.28-rc4 Documentation/networking/ip-sysctl.txt
97 Some routers violate RFC1122 by sending bogus responses to broadcast frames.
98 Such violations are normally logged via a kernel warning.
99 If this parameter is enabled, the kernel will not give such warnings,
100 which will avoid log file clutter.
102 .IR icmp_paramprob_rate " (Linux 2.2 to 2.4.9)"
103 .\" Precisely: from 2.1.102
104 Maximum rate for sending
105 .B ICMP_PARAMETERPROB
107 These packets are sent when a packet arrives with an invalid IP header.
109 .IR icmp_ratelimit " (integer; default: 1000; since Linux 2.4.10)"
110 .\" The following taken from 2.6.28-rc4 Documentation/networking/ip-sysctl.txt
111 Limit the maximum rates for sending ICMP packets whose type matches
113 (see below) to specific targets.
114 0 to disable any limiting,
115 otherwise the minimum space between responses in milliseconds.
117 .IR icmp_ratemask " (integer; default: see below; since Linux 2.4.10)"
118 .\" The following taken from 2.6.28-rc4 Documentation/networking/ip-sysctl.txt
119 Mask made of ICMP types for which rates are being limited.
121 Significant bits: IHGFEDCBA9876543210
123 Default mask: 0000001100000011000 (0x1818)
125 Bit definitions (see the Linux kernel source file
126 .IR include/linux/icmp.h ):
131 3 Destination Unreachable *
136 C Parameter Problem *
141 H Address Mask Request
146 The bits marked with an asterisk are rate limited by default
147 (see the default mask above).
149 .IR icmp_timeexceed_rate " (Linux 2.2 to 2.4.9)"
150 Maximum rate for sending
151 .B ICMP_TIME_EXCEEDED
154 sent to prevent loops when a packet has crossed too many hops.
158 request was removed in 2.2.
161 .B ICMP_SOURCE_QUENCH
162 was removed in Linux 2.2.
164 As many other implementations don't support
166 raw sockets, this feature
167 should not be relied on in portable programs.
168 .\" not really true ATM
170 .\" Linux ICMP should be compliant to RFC 1122.
173 packets are not sent when Linux is not acting as a router.
174 They are also only accepted from the old gateway defined in the
175 routing table and the redirect routes are expired after some time.
177 The 64-bit timestamp returned by
179 is in milliseconds since the Epoch, 1970-01-01 00:00:00 +0000 (UTC).
181 Linux ICMP internally uses a raw socket to send ICMPs.
182 This raw socket may appear in
184 output with a zero inode.
188 RFC\ 792 for a description of the ICMP protocol.