FireWall-1 FAQ: ICMP Error Codes
Please note: This content was from when I was operating my FireWall-1 FAQ site, which I stopped operating in August 2005. For some reason people still have links to this stuff on the Internet that people are still clicking on.
I am making this information available again AS IS. Given how old this information is, it is likely wildly inaccurate. I have no plans to update this information.
If you're still running versions of Check Point VPN-1/FireWall-1 where this information is still relevant to you, do yourself a favor and upgrade to a more recent release. If you happen to be running a current release and the information is useful, it's by happenstance :)
From RFC 1700:
Type 0 Echo Reply Type 3 Destination Unreachable Code 0 = net unreachable; 1 = host unreachable; 2 = protocol unreachable; 3 = port unreachable; 4 = fragmentation needed and DF set; 5 = source route failed. Type 4 Source Quench Type 5 Redirect Code 0 = Redirect datagrams for the Network. 1 = Redirect datagrams for the Host. 2 = Redirect datagrams for the Type of Service and Network. 3 = Redirect datagrams for the Type of Service and Host. Type 8 Echo Type 11 Time Exceeded Code 0 = time to live exceeded in transit; 1 = fragment reassembly time exceeded. Type 12 Parameter Problem Code 0 = pointer indicates the error. Type 13 Timestamp Type 14 Timestamp Reply Type 15 Information Request Type 16 Information Reply