ICMP(7) Linux Programmer's Manual ICMP(7)NAME
icmp, IPPROTO_ICMP - Linux IPv4 ICMP kernel module.
DESCRIPTION
This kernel protocol module implements the Internet Control Message Protocol defined in RFC792. It is used to signal error conditions and
for diagnosis. The user doesn't interact directly with this module; instead it communicates with the other protocols in the kernel and
these pass the ICMP errors to the application layers. The kernel ICMP module also answers ICMP requests.
A user protocol may receive ICMP packets for all local sockets by opening a raw socket with the protocol IPPROTO_ICMP. See raw(7) for more
information. The types of ICMP packets passed to the socket can be filtered using the ICMP_FILTER socket option. ICMP packets are always
processed by the kernel too, even when passed to a user socket.
Linux limits the rate of ICMP error packets to each destination. ICMP_REDIRECT and ICMP_DEST_UNREACH are also limited by the destination
route of the incoming packets.
SYSCTLS
ICMP supports a sysctl interface to configure some global IP parameters. The sysctls can be accessed by reading or writing the
/proc/sys/net/ipv4/* files or with the sysctl(2) interface. Most of these sysctls are rate limitations for specific ICMP types. Linux 2.2
uses a token bucket filter to limit ICMPs. The value is the timeout in jiffies until the token bucket filter is cleared after a burst. A
jiffy is a system dependent unit, usually 10ms on x86 and about 1ms on alpha and IA64.
icmp_destunreach_rate
Maximum rate to send ICMP Destination Unreachable packets. This limits the rate at which packets are sent to any individual route
or destination. The limit does not affect sending of ICMP_FRAG_NEEDED packets needed for path MTU discovery.
icmp_echo_ignore_all
If this value is non-zero, Linux will ignore all ICMP_ECHO requests.
icmp_echo_ignore_broadcasts
If this value is non-zero, Linux will ignore all ICMP_ECHO packets sent to broadcast addresses.
icmp_echoreply_rate
Maximum rate for sending ICMP_ECHOREPLY packets in response to ICMP_ECHOREQUEST packets.
icmp_paramprob_rate
Maximum rate for sending ICMP_PARAMETERPROB packets. These packets are sent when a packet arrives with an invalid IP header.
icmp_timeexceed_rate
Maximum rate for sending ICMP_TIME_EXCEEDED packets. These packets are sent to prevent loops when a packet has crossed too many
hops.
NOTES
As many other implementations don't support IPPROTO_ICMP raw sockets, this feature should not be relied on in portable programs.
ICMP_REDIRECT packets are not sent when Linux is not acting as a router. They are also only accepted from the old gateway defined in the
routing table and the redirect routes are expired after some time.
The 64-bit timestamp returned by ICMP_TIMESTAMP is in milliseconds since January 1, 1970.
Linux ICMP internally uses a raw socket to send ICMPs. This raw socket may appear in netstat(8) output with a zero inode.
VERSIONS
Support for the ICMP_ADDRESS request was removed in 2.2.
Support for ICMP_SOURCE_QUENCH was removed in Linux 2.2.
SEE ALSO ip(7)
RFC792 for a description of the ICMP protocol.
Linux Man Page 1999-04-27 ICMP(7)
Check Out this Related Man Page
ICMP(4) BSD Kernel Interfaces Manual ICMP(4)NAME
icmp -- Internet Control Message Protocol
SYNOPSIS
#include <sys/socket.h>
#include <netinet/in.h>
int
socket(AF_INET, SOCK_RAW, proto);
DESCRIPTION
ICMP is the error and control message protocol used by IP and the Internet protocol family. It may be accessed through a ``raw socket'' for
network monitoring and diagnostic functions. The proto parameter to the socket call to create an ICMP socket is obtained from
getprotobyname(3). ICMP sockets are connectionless, and are normally used with the sendto and recvfrom calls, though the connect(2) call may
also be used to fix the destination for future packets (in which case the read(2) or recv(2) and write(2) or send(2) system calls may be
used).
Outgoing packets automatically have an IP header prepended to them (based on the destination address). Incoming packets are received with
the IP header and options intact. Note that the ip_off and ip_len fields are in host byte order. For more information about the IP header
structure, see ip(4).
Non-privileged ICMP
ICMP sockets can be opened with the SOCK_DGRAM socket type without requiring root privileges. The synopsis is the following:
socket(AF_INET, SOCK_DGRAM, IPPROTO_ICMP)
Datagram oriented ICMP sockets offer a subset of the functionality available to raw ICMP sockets. Only IMCP request messages of the following
types can be sent: ICMP_ECHO, ICMP_TSTAMP or ICMP_MASKREQ. The code field must be the value zero (0). The minimal length of an ICMP message
request is eight (8) octets.
The advantage of using datagram oriented ICMP sockets is that even a non-privileged process can use ICMP echo requests to gauge the quality
of the connectivity to a host, or to receive ICMP destination unreachable message for path MTU discovery, or to receive time exceeded mes-
sages for traceroute.
The following IP level option can be used with datagram oriented ICMP sockets:
IP_OPTIONS
IP_HDRINCL
IP_TOS
IP_TTL
IP_RECVOPTS
IP_RECVRETOPTS
IP_RECVDSTADDR
IP_RETOPTS
IP_MULTICAST_IF
IP_MULTICAST_TTL
IP_MULTICAST_LOOP
IP_ADD_MEMBERSHIP
IP_DROP_MEMBERSHIP
IP_MULTICAST_VIF
IP_PORTRANGE
IP_RECVIF
IP_IPSEC_POLICY
IP_STRIPHDR
When the IP option IP_HDRINCL is used, the provided IP header must obey the following rules:
ip_v Must be IPVERSION (4);
ip_hl Between 5 and 10 (inclusive);
ip_tos Any value;
ip_len Must be the total length of IP datagram (IP header + ICMP message);
ip_id Must be zero, will be automatically set;
ip_off Must be zero, will be automatically set;
ip_ttl Any value;
ip_p Must be IPPROTO_IP;
ip_sum Value ignored, will be automatically set;
ip_src Must be an IP address currently assigned to one of the local interface or INADDR_ANY;
ip_dst Any address;
ip_opts Any option.
The maximum length of a IMCP message that can be sent is controlled by the sysctl variable net.inet.raw.maxdgram.
DIAGNOSTICS
A socket operation may fail with one of the following errors returned:
[EISCONN] when trying to establish a connection on a socket which already has one, or when trying to send a datagram with the destina-
tion address specified and the socket is already connected;
[ENOTCONN] when trying to send a datagram, but no destination address is specified, and the socket hasn't been connected;
[ENOBUFS] when the system runs out of memory for an internal data structure;
[EADDRNOTAVAIL] when an attempt is made to create a socket with a network address for which no network interface exists;
[EINVAL] when an invalid value is used with IMCP datagram socket for a field of the IP or ICMP header.
SEE ALSO recv(2), send(2), inet(4), intro(4), ip(4)HISTORY
The icmp protocol appeared in 4.3BSD.
4.3 Berkeley Distribution June 19, 2002 4.3 Berkeley Distribution