This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

ICMP Destination Unreachable

0

Hi, my first post in here. I made lots of search but couldn't find useful info about how create ICMP Code-3 (dest. unreachable) error and capture it with Wireshark. I tried to ping a closed port in Linux machine and also used host command but nothing. Could anyone help me about this please? Thank you.

asked 22 Apr '14, 04:10

erer's gravatar image

erer
1112
accept rate: 0%


One Answer:

2

You need a router (Linux) that does not know how to forward a frame to a destination network (network unreachable), or that does not get an ARP reply (Host unreachable).

Sample setup:

client [10.1.1.20]  ---- [10.1.1.1] eth0 :: router :: eth1 [192.168.1.1]

Set the following routes

client

  • route add 192.168.1.0 mask 255.255.255.0 10.1.1.1
  • route add 192.168.5.0 mask 255.255.255.0 10.1.1.1

router

  • enable IP Forwarding: sysctl net.ipv4.ip_forward=1
  • don't set a default route!!: route delete default

Now, ping the following IP addresses from the client:

  • ping 192.168.1.5 :: you will get a ICMP Destination unreachable (Host unreachable)
  • ping 192.168.5.5 :: you will get a ICMP Destination unreachable (Network unreachable)

Regards
Kurt

answered 22 Apr '14, 05:40

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%

edited 22 Apr '14, 06:44

Big thanks Kurt. This is awesome and very straight forward answer. Cant wait to try it :)

(22 Apr '14, 06:50) erer

Hint: If a supplied answer resolves your question can you please "accept" it by clicking the checkmark icon next to it. This highlights good answers for the benefit of subsequent users with the same or similar questions.

(22 Apr '14, 07:31) Kurt Knochner ♦