Hi,
In the format of the ICMP Destination Unreachable
Message as given in RFC 792 [http://www.ietf.org/rfc/rfc0792.txt]
the data portion of the packet is meant to contain only the original IP
header + 64 bits of the original data datagram. However, packet
analysis of an ICMP destination unreachable message returned from a
gateway running Redhat Linux 7.0 (kernel 2.2.16-22) gives a data
portion of the packet containing the original IP header + 44*8 bits.
This gives it as including the IP header, TCP header + TCP data portion
+ 18 bytes of garbage. If you cannot help but know someone who can,
please forward this message to them, or send me their e-mail address.
Following is the sniffed packet and a detailed analysis of it.

Here is the sniffed packet (ICMP Destination Unreachable: Gateway -> Web Server):

  00 10 5A 2E 1C 02 00 00 E8 D6 0B 63 08 00
  45 C0 00 5C 01 4F 00 00 FF 01 38 3E C0 A8 00 01 C0 A8 00 02
  03 00 2B CA 00 00 00 00
  45 00 00 2C 09 69 40 00 40 06 6E B7 C0 A8 00 02 01 01 01 01
  00 50 6A 06 1D 65 1F 8C DA 2B F1 03 60 12 7F B8 E6 D6 00 00 02 04 02 18
  00 00 01 00 01 00 00 00 88 00 00 00 06 00 00 00 04 00 00 00

Here is an analysis of the packet:

Ethernet Header
  Destination Address:  00:10:5A:2E:1C:02 (Server)
  Source Address:       00:00:E8:D6:0B:63 (Gateway)
  Packet Type:          08 00 (Internet Protocol)

Internet Protocol Header
  Version:              4
  Header Length:        5 words (20 bytes)
  Type of Service:      192 (Internet Control)
  Total Length:         92
  Identifier:           335
  Fragment Offset:      0
  Fragmentation Flags:  None
  Time to Live:         255
  Protocol:             1 (ICMP)
  Header Checksum:      38 3E
  Source Address:       192.168.0.1 (Gateway)
  Destination Address:  192.168.0.2 (Server)

Internet Control Message Protocol Header
  Type:                 3 (Destination Unreachable)
  Code:                 0 (Network Unreachable)
  Checksum:             2B CA

Original Internet Protocol Header
  Version:              4
  Header Length:        5 words (20 bytes)
  Type of Service:      0 (Routine)
  Total Length:         44
  Identifier:           2409
  Fragment Offset:      0
  Fragmentation Flags:  Don't Fragment
  Time to Live:         64
  Protocol:             6 (TCP)
  Header Checksum:      6E B7
  Source Address:       192.168.0.2 (Server)
  Destination Address:  1.1.1.1 (Spoofed Address)

Original Transmission Control Protocol Header
  Source Port:          80 (Web Traffic)
  Destination Port:     27142
  Sequence Number:      493166476
  Acknowledgement Number: 3660312835
  Data Offset:          6 words (24 bytes)
  Flags:                12 (SYN and ACK Flags set)
  Window Size:          32696
  Checksum:             E6 D6
  Urgent Pointer:       0
  Maximum Segment Size Option: 536

Original TCP Payload Data
  00 00

Garbage Data
  01 00 01 00 00 00 88 00 00 00 06 00 00 00 04 00 00 00

Thanks
Garth