>For my day job, I recently added a feature to our NetBSD-based IP stack
>which might be of interest to others.  It allows unconnected datagram
>sockets (currently implemented only for UDP but there's no reason why it
>couldn't be extended for raw IP sockets as well) to receive the ICMP error
>notifications via OOB data.
>
>After being enabled via a IP_ERROOB setsockopt, when a ICMP error is
>received and communicated to UDP via its pr_ctlinput entry point the
>original destination address is extracted and a OOB (MT_OOBDATA) message is
>added to the receive socket buffer with the address being the extracted
>destination and the data being an integer containing the error (which would
>normally be placed in so_error of the socket structure).

neat!

>This requires you to use recvmsg(2) and check the msg_flags on each packet
>to see if you received as an error notification as OOB data, but is fairly
>painless and useful.  It also means that traceroute could be done completely
>without any needs for privileges.

traceroute via the usual (udp) mechanism.  traceroute -I would still
require privileges.

>Is there any interest in me getting this feature contributed back to NetBSD?

i'd say yes.

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
andrew@crossbar.com       * "information is power -- share the wealth."