The PhoneBoy Blog

Simplifying Telecom, Mobile Phones, Gadgets, Health, and More!

FireWall-1 FAQ: ICMP Error Codes

Please note: This content was from when I was operating my FireWall-1 FAQ site, which I stopped operating in August 2005. For some reason people still have links to this stuff on the Internet that people are still clicking on.

I am making this information available again AS IS. Given how old this information is, it is likely wildly inaccurate. I have no plans to update this information.

If you're still running versions of Check Point VPN-1/FireWall-1 where this information is still relevant to you, do yourself a favor and upgrade to a more recent release. If you happen to be running a current release and the information is useful, it's by happenstance :)

From RFC 1700:

    Type 0  Echo Reply 
    Type 3  Destination Unreachable 
                    0 = net unreachable; 
                    1 = host unreachable; 
                    2 = protocol unreachable; 
                    3 = port unreachable; 
                    4 = fragmentation needed and DF set; 
                    5 = source route failed. 
    Type 4  Source Quench 
    Type 5  Redirect 
                    0 = Redirect datagrams for the Network. 
                    1 = Redirect datagrams for the Host. 
                    2 = Redirect datagrams for the Type of Service and Network. 
                    3 = Redirect datagrams for the Type of Service and Host.
    Type 8  Echo 
    Type 11 Time Exceeded 
                    0 = time to live exceeded in transit; 
                    1 = fragment reassembly time exceeded. 
    Type 12 Parameter Problem 
                    Code 0 = pointer indicates the error. 
    Type 13 Timestamp 
    Type 14 Timestamp Reply 
    Type 15 Information Request 
    Type 16 Information Reply

#Cybersecurity Evangelist, Podcaster, #noagenda Producer, Frequenter of shiny metal tubes, Expressor of personal opinions, and of course, a coffee achiever.