2004-11-03 13:51:07 +00:00
|
|
|
.\" This man page is Copyright (C) 1999 Andi Kleen <ak@muc.de>.
|
|
|
|
.\" Permission is granted to distribute possibly modified copies
|
|
|
|
.\" of this page provided the header is included verbatim,
|
|
|
|
.\" and in case of nontrivial modification author and date
|
|
|
|
.\" of the modification is added to the header.
|
|
|
|
.\" $Id: icmp.7,v 1.6 2000/08/14 08:03:45 ak Exp $
|
futimesat.2, mount.2, confstr.3, iconv.3, makedev.3, malloc.3, strcasecmp.3, strcat.3, strcmp.3, strcpy.3, strdup.3, strftime.3, strnlen.3, strpbrk.3, strspn.3, strtok.3, strxfrm.3, sk98lin.4, icmp.7, ipv6.7, packet.7, raw.7, rtnetlink.7, unix.7, x25.7, ldconfig.8, nscd.8: tstamp
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2012-05-10 20:09:28 +00:00
|
|
|
.TH ICMP 7 2012-05-10 "Linux" "Linux Programmer's Manual"
|
2004-11-03 13:51:07 +00:00
|
|
|
.SH NAME
|
2012-05-03 17:00:00 +00:00
|
|
|
icmp \- Linux IPv4 ICMP kernel module.
|
2004-11-03 13:51:07 +00:00
|
|
|
.SH DESCRIPTION
|
2007-04-12 22:42:49 +00:00
|
|
|
This kernel protocol module implements the Internet Control
|
|
|
|
Message Protocol defined in RFC\ 792.
|
2006-01-03 10:58:34 +00:00
|
|
|
It is used to signal error conditions and for diagnosis.
|
2007-04-12 22:42:49 +00:00
|
|
|
The user doesn't interact directly with this module;
|
|
|
|
instead it communicates with the other protocols in the kernel
|
|
|
|
and these pass the ICMP errors to the application layers.
|
2006-01-03 10:58:34 +00:00
|
|
|
The kernel ICMP module also answers ICMP requests.
|
2004-11-03 13:51:07 +00:00
|
|
|
.PP
|
|
|
|
A user protocol may receive ICMP packets for all local sockets by opening
|
2007-04-12 22:42:49 +00:00
|
|
|
a raw socket with the protocol
|
2004-11-03 13:51:07 +00:00
|
|
|
.BR IPPROTO_ICMP .
|
|
|
|
See
|
|
|
|
.BR raw (7)
|
|
|
|
for more information.
|
|
|
|
The types of ICMP packets passed to the socket can be filtered using the
|
2007-04-12 22:42:49 +00:00
|
|
|
.B ICMP_FILTER
|
|
|
|
socket option.
|
|
|
|
ICMP packets are always processed by the kernel too, even
|
2004-11-03 13:51:07 +00:00
|
|
|
when passed to a user socket.
|
|
|
|
.LP
|
|
|
|
Linux limits the rate of ICMP error packets to each destination.
|
|
|
|
.B ICMP_REDIRECT
|
|
|
|
and
|
|
|
|
.B ICMP_DEST_UNREACH
|
|
|
|
are also limited by the destination route of the incoming packets.
|
connect.2, listen.2, send.2, uname.2, cmsg.3, proc.5, arp.7, ddp.7, icmp.7, ip.7, raw.7, socket.7, tcp.7, udp.7: Global fix: eliminate mention of the obsolete sysctl(2) interface
Many pages still mention use of the obsolete sysctl(2) system
call, or used the term "sysctls"; rewrite these mentions to
instead be in terms of /proc interfaces.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2008-11-20 20:37:11 +00:00
|
|
|
.SS /proc interfaces
|
|
|
|
ICMP supports a set of
|
|
|
|
.I /proc
|
|
|
|
interfaces to configure some global IP parameters.
|
|
|
|
The parameters can be accessed by reading or writing files in the directory
|
|
|
|
.IR /proc/sys/net/ipv4/ .
|
|
|
|
Most of these parameters are rate limitations for specific ICMP types.
|
2007-04-12 22:42:49 +00:00
|
|
|
Linux 2.2 uses a token bucket filter to limit ICMPs.
|
2006-03-23 02:13:08 +00:00
|
|
|
.\" FIXME better description needed
|
2007-04-12 22:42:49 +00:00
|
|
|
The value is the timeout in jiffies until the token bucket filter is
|
|
|
|
cleared after a burst.
|
2007-12-24 17:31:35 +00:00
|
|
|
A jiffy is a system dependent unit, usually 10ms on i386 and
|
2007-07-08 16:06:51 +00:00
|
|
|
about 1ms on alpha and ia64.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
2008-11-24 20:17:10 +00:00
|
|
|
.IR icmp_destunreach_rate " (Linux 2.2 to 2.4.9)"
|
2008-11-24 19:49:37 +00:00
|
|
|
.\" Precisely: from 2.1.102
|
2007-04-12 22:42:49 +00:00
|
|
|
Maximum rate to send ICMP Destination Unreachable packets.
|
|
|
|
This limits the rate at which packets are sent to any individual
|
2006-01-03 10:58:34 +00:00
|
|
|
route or destination.
|
2004-11-03 13:51:07 +00:00
|
|
|
The limit does not affect sending of
|
|
|
|
.B ICMP_FRAG_NEEDED
|
|
|
|
packets needed for path MTU discovery.
|
|
|
|
.TP
|
2008-11-24 19:49:37 +00:00
|
|
|
.IR icmp_echo_ignore_all " (since Linux 2.2)"
|
|
|
|
.\" Precisely: 2.1.68
|
intro.1, time.1, adjtimex.2, capget.2, eventfd.2, fcntl.2, getrlimit.2, getsockopt.2, gettimeofday.2, intro.2, ioctl_list.2, ioperm.2, mlock.2, pivot_root.2, poll.2, prctl.2, ptrace.2, sched_setscheduler.2, select_tut.2, semget.2, sigaltstack.2, signalfd.2, sysctl.2, timer_settime.2, timerfd_create.2, wait.2, CPU_SET.3, argz_add.3, assert_perror.3, atexit.3, backtrace.3, bcmp.3, clearenv.3, ctime.3, dl_iterate_phdr.3, dlopen.3, ecvt.3, errno.3, error.3, ether_aton.3, exit.3, fenv.3, ferror.3, finite.3, flockfile.3, fnmatch.3, fpathconf.3, fpclassify.3, ftime.3, ftok.3, ftw.3, fwide.3, getaddrinfo.3, gethostbyname.3, getlogin.3, getnameinfo.3, getnetent.3, getopt.3, getprotoent.3, getrpcent.3, getservent.3, glob.3, hsearch.3, inet.3, isalpha.3, iswalnum.3, iswalpha.3, iswblank.3, iswcntrl.3, iswctype.3, iswdigit.3, iswgraph.3, iswlower.3, iswprint.3, iswpunct.3, iswspace.3, iswupper.3, iswxdigit.3, longjmp.3, lsearch.3, malloc.3, matherr.3, mblen.3, mbsinit.3, mbtowc.3, on_exit.3, printf.3, pthread_attr_init.3, pthread_attr_setaffinity_np.3, pthread_attr_setdetachstate.3, pthread_attr_setguardsize.3, pthread_attr_setinheritsched.3, pthread_attr_setschedparam.3, pthread_attr_setschedpolicy.3, pthread_attr_setscope.3, pthread_attr_setstack.3, pthread_attr_setstackaddr.3, pthread_attr_setstacksize.3, pthread_cancel.3, pthread_cleanup_push.3, pthread_equal.3, pthread_getattr_np.3, pthread_getcpuclockid.3, pthread_setaffinity_np.3, pthread_setcancelstate.3, pthread_setconcurrency.3, pthread_setschedparam.3, pthread_setschedprio.3, ptsname.3, putenv.3, putgrent.3, raise.3, rcmd.3, regex.3, rexec.3, rpc.3, rpmatch.3, rtnetlink.3, scandir.3, sem_init.3, setaliasent.3, setbuf.3, setenv.3, setjmp.3, signbit.3, stdio_ext.3, strtod.3, strtol.3, strtoul.3, system.3, termios.3, timeradd.3, tzset.3, ualarm.3, wctomb.3, xdr.3, st.4, tty_ioctl.4, core.5, elf.5, proc.5, bootparam.7, capabilities.7, icmp.7, ip.7, ipv6.7, math_error.7, mdoc.samples.7, mq_overview.7, pthreads.7, raw.7, regex.7, socket.7, tcp.7, tzselect.8: Global fix: s/non-zero/nonzero/
The tendency in English, as prescribed in style guides like
Chicago MoS, is towards removing hyphens after prefixes
like "non-" etc.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2010-01-16 16:40:55 +00:00
|
|
|
If this value is nonzero, Linux will ignore all
|
2004-11-03 13:51:07 +00:00
|
|
|
.B ICMP_ECHO
|
2007-04-12 22:42:49 +00:00
|
|
|
requests.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
2008-11-24 19:49:37 +00:00
|
|
|
.IR icmp_echo_ignore_broadcasts " (since Linux 2.2)"
|
|
|
|
.\" Precisely: from 2.1.68
|
intro.1, time.1, adjtimex.2, capget.2, eventfd.2, fcntl.2, getrlimit.2, getsockopt.2, gettimeofday.2, intro.2, ioctl_list.2, ioperm.2, mlock.2, pivot_root.2, poll.2, prctl.2, ptrace.2, sched_setscheduler.2, select_tut.2, semget.2, sigaltstack.2, signalfd.2, sysctl.2, timer_settime.2, timerfd_create.2, wait.2, CPU_SET.3, argz_add.3, assert_perror.3, atexit.3, backtrace.3, bcmp.3, clearenv.3, ctime.3, dl_iterate_phdr.3, dlopen.3, ecvt.3, errno.3, error.3, ether_aton.3, exit.3, fenv.3, ferror.3, finite.3, flockfile.3, fnmatch.3, fpathconf.3, fpclassify.3, ftime.3, ftok.3, ftw.3, fwide.3, getaddrinfo.3, gethostbyname.3, getlogin.3, getnameinfo.3, getnetent.3, getopt.3, getprotoent.3, getrpcent.3, getservent.3, glob.3, hsearch.3, inet.3, isalpha.3, iswalnum.3, iswalpha.3, iswblank.3, iswcntrl.3, iswctype.3, iswdigit.3, iswgraph.3, iswlower.3, iswprint.3, iswpunct.3, iswspace.3, iswupper.3, iswxdigit.3, longjmp.3, lsearch.3, malloc.3, matherr.3, mblen.3, mbsinit.3, mbtowc.3, on_exit.3, printf.3, pthread_attr_init.3, pthread_attr_setaffinity_np.3, pthread_attr_setdetachstate.3, pthread_attr_setguardsize.3, pthread_attr_setinheritsched.3, pthread_attr_setschedparam.3, pthread_attr_setschedpolicy.3, pthread_attr_setscope.3, pthread_attr_setstack.3, pthread_attr_setstackaddr.3, pthread_attr_setstacksize.3, pthread_cancel.3, pthread_cleanup_push.3, pthread_equal.3, pthread_getattr_np.3, pthread_getcpuclockid.3, pthread_setaffinity_np.3, pthread_setcancelstate.3, pthread_setconcurrency.3, pthread_setschedparam.3, pthread_setschedprio.3, ptsname.3, putenv.3, putgrent.3, raise.3, rcmd.3, regex.3, rexec.3, rpc.3, rpmatch.3, rtnetlink.3, scandir.3, sem_init.3, setaliasent.3, setbuf.3, setenv.3, setjmp.3, signbit.3, stdio_ext.3, strtod.3, strtol.3, strtoul.3, system.3, termios.3, timeradd.3, tzset.3, ualarm.3, wctomb.3, xdr.3, st.4, tty_ioctl.4, core.5, elf.5, proc.5, bootparam.7, capabilities.7, icmp.7, ip.7, ipv6.7, math_error.7, mdoc.samples.7, mq_overview.7, pthreads.7, raw.7, regex.7, socket.7, tcp.7, tzselect.8: Global fix: s/non-zero/nonzero/
The tendency in English, as prescribed in style guides like
Chicago MoS, is towards removing hyphens after prefixes
like "non-" etc.
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2010-01-16 16:40:55 +00:00
|
|
|
If this value is nonzero, Linux will ignore all
|
2004-11-03 13:51:07 +00:00
|
|
|
.B ICMP_ECHO
|
2007-04-12 22:42:49 +00:00
|
|
|
packets sent to broadcast addresses.
|
2004-11-03 13:51:07 +00:00
|
|
|
.TP
|
2008-11-24 20:17:10 +00:00
|
|
|
.IR icmp_echoreply_rate " (Linux 2.2 to 2.4.9)"
|
2008-11-24 19:49:37 +00:00
|
|
|
.\" Precisely: from 2.1.102
|
2004-11-03 13:51:07 +00:00
|
|
|
Maximum rate for sending
|
|
|
|
.B ICMP_ECHOREPLY
|
2007-04-12 22:42:49 +00:00
|
|
|
packets in response to
|
2004-11-03 13:51:07 +00:00
|
|
|
.B ICMP_ECHOREQUEST
|
|
|
|
packets.
|
|
|
|
.TP
|
2008-11-24 20:45:20 +00:00
|
|
|
.IR icmp_errors_use_inbound_ifaddr " (Boolean; default: disabled; since Linux 2.6.12)"
|
|
|
|
.\" The following taken from 2.6.28-rc4 Documentation/networking/ip-sysctl.txt
|
2008-11-24 20:46:52 +00:00
|
|
|
If disabled, ICMP error messages are sent with the primary address of
|
2008-11-24 20:45:20 +00:00
|
|
|
the exiting interface.
|
2008-11-26 02:44:53 +00:00
|
|
|
|
2008-11-24 20:46:52 +00:00
|
|
|
If enabled, the message will be sent with the primary address of
|
2008-11-24 20:45:20 +00:00
|
|
|
the interface that received the packet that caused the ICMP error.
|
|
|
|
This is the behavior that many network administrators will expect from
|
|
|
|
a router.
|
2008-11-26 02:44:53 +00:00
|
|
|
And it can make debugging complicated network layouts much easier.
|
2008-11-24 20:45:20 +00:00
|
|
|
|
|
|
|
Note that if no primary address exists for the interface selected,
|
|
|
|
then the primary address of the first non-loopback interface that
|
|
|
|
has one will be used regardless of this setting.
|
|
|
|
.TP
|
2009-09-27 07:26:24 +00:00
|
|
|
.IR icmp_ignore_bogus_error_responses " (Boolean; default: disabled; since Linux 2.2)"
|
2008-11-24 20:50:02 +00:00
|
|
|
.\" precisely: since 2.1.32
|
|
|
|
.\" The following taken from 2.6.28-rc4 Documentation/networking/ip-sysctl.txt
|
|
|
|
Some routers violate RFC1122 by sending bogus responses to broadcast frames.
|
|
|
|
Such violations are normally logged via a kernel warning.
|
|
|
|
If this parameter is enabled, the kernel will not give such warnings,
|
|
|
|
which will avoid log file clutter.
|
|
|
|
.TP
|
2008-11-24 20:17:10 +00:00
|
|
|
.IR icmp_paramprob_rate " (Linux 2.2 to 2.4.9)"
|
2008-11-24 19:49:37 +00:00
|
|
|
.\" Precisely: from 2.1.102
|
2004-11-03 13:51:07 +00:00
|
|
|
Maximum rate for sending
|
|
|
|
.B ICMP_PARAMETERPROB
|
|
|
|
packets.
|
|
|
|
These packets are sent when a packet arrives with an invalid IP header.
|
|
|
|
.TP
|
2008-11-24 20:16:10 +00:00
|
|
|
.IR icmp_ratelimit " (integer; default: 1000; since Linux 2.4.10)"
|
|
|
|
.\" The following taken from 2.6.28-rc4 Documentation/networking/ip-sysctl.txt
|
|
|
|
Limit the maximum rates for sending ICMP packets whose type matches
|
|
|
|
.IR icmp_ratemask
|
|
|
|
(see below) to specific targets.
|
|
|
|
0 to disable any limiting,
|
|
|
|
otherwise the minimum space between responses in milliseconds.
|
|
|
|
.TP
|
|
|
|
.IR icmp_ratemask " (integer; default: see below; since Linux 2.4.10)"
|
|
|
|
.\" The following taken from 2.6.28-rc4 Documentation/networking/ip-sysctl.txt
|
|
|
|
Mask made of ICMP types for which rates are being limited.
|
|
|
|
|
|
|
|
Significant bits: IHGFEDCBA9876543210
|
|
|
|
.br
|
|
|
|
Default mask: 0000001100000011000 (0x1818)
|
|
|
|
|
|
|
|
Bit definitions (see the kernel source file
|
|
|
|
.IR include/linux/icmp.h ):
|
|
|
|
|
|
|
|
.in +4n
|
|
|
|
.nf
|
|
|
|
0 Echo Reply
|
|
|
|
3 Destination Unreachable *
|
|
|
|
4 Source Quench *
|
|
|
|
5 Redirect
|
|
|
|
8 Echo Request
|
|
|
|
B Time Exceeded *
|
|
|
|
C Parameter Problem *
|
|
|
|
D Timestamp Request
|
|
|
|
E Timestamp Reply
|
|
|
|
F Info Request
|
|
|
|
G Info Reply
|
|
|
|
H Address Mask Request
|
|
|
|
I Address Mask Reply
|
|
|
|
.fi
|
|
|
|
.in
|
|
|
|
|
|
|
|
The bits marked with an asterisk are rate limited by default
|
|
|
|
(see the default mask above).
|
|
|
|
.TP
|
2008-11-24 20:17:10 +00:00
|
|
|
.IR icmp_timeexceed_rate " (Linux 2.2 to 2.4.9)"
|
2004-11-03 13:51:07 +00:00
|
|
|
Maximum rate for sending
|
|
|
|
.B ICMP_TIME_EXCEEDED
|
2007-04-12 22:42:49 +00:00
|
|
|
packets.
|
|
|
|
These packets are
|
|
|
|
sent to prevent loops when a packet has crossed too many hops.
|
2007-05-19 04:30:20 +00:00
|
|
|
.SH VERSIONS
|
|
|
|
Support for the
|
|
|
|
.B ICMP_ADDRESS
|
|
|
|
request was removed in 2.2.
|
|
|
|
.PP
|
|
|
|
Support for
|
|
|
|
.B ICMP_SOURCE_QUENCH
|
|
|
|
was removed in Linux 2.2.
|
2004-11-03 13:51:07 +00:00
|
|
|
.SH NOTES
|
2007-04-12 22:42:49 +00:00
|
|
|
As many other implementations don't support
|
|
|
|
.B IPPROTO_ICMP
|
2004-11-03 13:51:07 +00:00
|
|
|
raw sockets, this feature
|
|
|
|
should not be relied on in portable programs.
|
|
|
|
.\" not really true ATM
|
|
|
|
.\" .PP
|
2005-06-21 08:32:40 +00:00
|
|
|
.\" Linux ICMP should be compliant to RFC 1122.
|
2004-11-03 13:51:07 +00:00
|
|
|
.PP
|
|
|
|
.B ICMP_REDIRECT
|
|
|
|
packets are not sent when Linux is not acting as a router.
|
2007-04-12 22:42:49 +00:00
|
|
|
They are also only accepted from the old gateway defined in the
|
2006-01-03 10:58:34 +00:00
|
|
|
routing table and the redirect routes are expired after some time.
|
2004-11-03 13:51:07 +00:00
|
|
|
.PP
|
|
|
|
The 64-bit timestamp returned by
|
|
|
|
.B ICMP_TIMESTAMP
|
stime.2, time.2, utimensat.2, ctime.3, difftime.3, ftime.3, getspnam.3, mq_receive.3, mq_send.3, rtime.3, sem_wait.3, strftime.3, strptime.3, timeradd.3, rtc.4, core.5, proc.5, icmp.7, time.7: Global fix: Consistently define the Epoch
All definitions of the Epoch have been refactored to the following:
1970-01-01 00:00:00 +0000 (UTC)
That form is more consistent, logical, precise, and internationally
recognizable than the other variants.
Also, some wording has been altered as well.
Signed-off-by: Michael Witten <mfwitten@gmail.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2010-01-17 03:53:52 +00:00
|
|
|
is in milliseconds since the Epoch, 1970-01-01 00:00:00 +0000 (UTC).
|
2004-11-03 13:51:07 +00:00
|
|
|
.PP
|
2007-04-12 22:42:49 +00:00
|
|
|
Linux ICMP internally uses a raw socket to send ICMPs.
|
2006-01-03 10:58:34 +00:00
|
|
|
This raw socket may appear in
|
2004-11-03 13:51:07 +00:00
|
|
|
.BR netstat (8)
|
|
|
|
output with a zero inode.
|
|
|
|
.SH "SEE ALSO"
|
|
|
|
.BR ip (7)
|
|
|
|
.PP
|
2005-06-21 08:32:40 +00:00
|
|
|
RFC\ 792 for a description of the ICMP protocol.
|