FireWall-1 FAQ: ICMP Error Codes
Please note: This content was from when I was operating my FireWall-1 FAQ site, which I stopped operating in August 2005. For some reason people still have links to this stuff on the Internet that people are still clicking on.
I am making this information available again AS IS. Given how old this information is, it is likely wildly inaccurate. I have no plans to update this information.
If you're still running versions of Check Point VPN-1/FireWall-1 where this information is still relevant to you, do yourself a favor and upgrade to a more recent release. If you happen to be running a current release and the information is useful, it's by happenstance :)
From RFC 1700:
Type 0 Echo Reply
Type 3 Destination Unreachable
Code
0 = net unreachable;
1 = host unreachable;
2 = protocol unreachable;
3 = port unreachable;
4 = fragmentation needed and DF set;
5 = source route failed.
Type 4 Source Quench
Type 5 Redirect
Code
0 = Redirect datagrams for the Network.
1 = Redirect datagrams for the Host.
2 = Redirect datagrams for the Type of Service and Network.
3 = Redirect datagrams for the Type of Service and Host.
Type 8 Echo
Type 11 Time Exceeded
Code
0 = time to live exceeded in transit;
1 = fragment reassembly time exceeded.
Type 12 Parameter Problem
Code 0 = pointer indicates the error.
Type 13 Timestamp
Type 14 Timestamp Reply
Type 15 Information Request
Type 16 Information Reply
