ICMP(4)             Linux Programmer's Manual             ICMP(4)

NAME
       icmp, IPPROTO_ICMP - Linux IPv4 ICMP kernel module.

DESCRIPTION
       This  kernel  protocol module implements the Internet Con-
       trol Message Protocol defined in RFC792.  It  is  used  to
       signal  error  conditions  and  for  diagnosis.   The user
       doesn't interact directly with  this  module;  instead  it
       communicates  with  the  other protocols in the kernel and
       these pass the ICMP errors to the application layers.  The
       kernel ICMP module also answers to ICMP requests.

       A  user  protocol  may  receive ICMP packets for all local
       sockets  by  opening  a  RAW  socket  with  the   protocol
       IPPROTO_ICMP.  See raw(4) for more information.  The types
       of ICMP packets passed to the socket can be filtered using
       the  ICMP_FILTER  socket  option.  ICMP packets are always
       processed by the kernel too, even when passed  to  a  user
       socket.

       Linux  rate  limits  ICMP  error  packets per destination.
       ICMP_REDIRECT and ICMP_DEST_UNREACH are limited per desti-
       nation route of the incoming packets.

SYSCTLS
       ICMP  supports a sysctl interface to configure some global
       IP parameters. The sysctls can be accessed by  reading  or
       writing   the   /proc/sys/net/ipv4/*  files  or  with  the
       sysctl(2) interface. Most of these sysctls are rate  limi-
       tations  for  specific ICMP types.  Linux 2.2 uses a token
       bucket filter to limit ICMPs.  The value is the timeout in
       seconds until the token bucket filter is cleared.

       icmp_destunreach_rate
              Maximum  rate  to send ICMP Destination Unreachable
              packets.  They are are limited per route and  addi-
              tionally  per  destination.  This sysctl limits the
              per destination rate and are local per destination.
              The    limit    does    not   affect   sending   of
              ICMP_FRAG_NEEDED packets needed for path  mtu  dis-
              covery.

       icmp_echo_ignore_all
              Ignore all ICMP_ECHO requests if not zero.

       icmp_echo_ignore_broadcasts
              Ignore   ICMP_ECHO   packets   sent   to  broadcast
              addresses if not zero.

       icmp_echoreply_rate
              Maximum rate for  outgoing  ICMP_ECHOREPLY  packets
              sent in response to ICMP_ECHOREQUEST packets.

       icmp_paramprob_rate
              Maximum  rate for outgoing ICMP_PARAMETERPROB pack-
              ets sent. These packets  are  sent  when  a  packet
              arrives with an invalid IP header.

       icmp_timeexceed_rate
              Maximum  rate for outgoing ICMP_TIME_EXCEEDED pack-
              ets sent. These packets are sent to  prevent  loops
              when a packet has crossed too many hops.

NOTES
       As many other OSes don't support IPPROTO_ICMP raw sockets,
       this feature should not be relied on in portable programs.

       ICMP_REDIRECT  packets are not sent when Linux is not act-
       ing as a router.  They are also only accepted from the old
       gateway  defined  in  the  routing  table and the redirect
       routes are expired after some time.

       The 64-bit timestamp returned by ICMP_TIMESTAMP is in mil-
       liseconds since January 1, 1970.

       Linux  ICMP  internally  uses  a raw socket to send ICMPs.
       This raw socket may appear in  netstat(8)  output  with  a
       zero inode.

VERSIONS
       Support  for  the ICMP_ADDRESS_MASK request was removed in
       2.2.

       Support for ICMP_SOURCE_QUENCH was removed in Linux 2.2.

SEE ALSO
       ip(4)

       RFC792 for a description of the ICMP protocol.

Linux Man Page              2 Oct 1998                          1