Stream ICMP Inspector Overview
Type |
Inspector (stream) |
Usage |
Inspect |
Instance type |
Multiton |
Other Inspectors Required |
None |
Enabled |
|
Internet Control Message Protocol (ICMP) is a network-layer protocol used by network utility applications and network devices. ICMP sends diagnostic and error information to identify communication success or failure between IP hosts. An ICMP message includes header and data sections.
ICMP conveys information about other flows. It does not carry data that needs reassembly, nor does it require target-based binding.
The stream_icmp
inspector defines ICMP flow tracking. For pings, the
inspector provides basic flow tracking through the source and destination IP address
fields and the port fields in the ICMP header. For unreachable destinations, the
inspector analyzes the original IP addresses and transport ports, then it updates the
session's state. The port_scan
inspector can use the unreachable host
and port, if available.