6
Firewall
105
ICMP services
Another
type
of
custom
service
that
can
be
created
is
an
ICMP
Service
.
The
Internet
Control
Message
Protocol
(ICMP)
is
a
protocol
that
is
integrated
with
IP
for
reporting
errors
and
transmitting
control
information.
For
example,
the
ICMP
Ping
feature
uses
ICMP
to
test
Internet
connectivity.
ICMP types and codes
ICMP
messages
are
delivered
in
IP
packets,
and
include
a
Message
Type
that
specifies
the
format
of
the
ICMP
message
and
a
Code
that
is
used
to
further
qualify
the
message.
For
example,
the
message
type
Destination
Unreachable
uses
the
Code
parameter
to
specify
the
exact
reason
for
the
error.
Either
all
ICMP
message
types
can
be
accepted
by
a
service
(there
are
256
possible
types)
or
it
is
possible
to
filter
the
types.
Specifying codes
If
a
type
is
selected,
the
codes
for
that
type
can
be
specified
in
the
same
way
that
port
numbers
are
specified.
For
example,
if
the
Destination
Unreachable
type
is
selected
with
the
comma
‐
delimited
code
list
0,1,2,3,
this
will
filter
Network
unreachable
,
Host
unreachable
,
Protocol
unreachable,
and
Port
unreachable
.
When
a
message
type
is
selected
but
no
code
values
are
given,
all
codes
for
that
type
are
assumed.
ICMP message types
The
message
types
that
can
be
selected
are
as
follows:
Echo
Request
Sent
by
PING
to
a
destination
in
order
to
check
connectivity.
Destination
Unreachable
The
source
is
told
that
a
problem
has
occurred
during
packet
delivery.
There
are
codes
from
0
to
5
for
this
type:
•
Code
0:
Net
Unreachable
•
Code
1:
Host
Unreachable
•
Code
2:
Protocol
Unreachable
•
Code
3:
Port
Unreachable
•
Code
4:
Cannot
Fragment
•
Code
5:
Source
Route
Failed
