if you want to save a little headache in digging, just add the two lines
echo "0" > /proc/sys/net/ipv4/icmp_echo_ignore_all echo "0" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts to the end of /etc/rc.d/rc.local and it will undo what msec did, also msec may check those values and update those values back to 1 when the msec scripts run in crontab, I'm not sure if it will only do that at boot or when security.sh runs, so if you notice those values reverting that is what is happening. On Wednesday 12 June 2002 11:48 am, Jeremy Mereness wrote: > Thank you for all the replies. This is, indeed, the answer. I am going to > dig a little deeper and find where the boot routines put > /proc/sys/net/ipv4/icmp_echo_ignore_all to 1. I know it's not simple. > Mandrake's boot sequence covers a lot of ground. > > -- j > > "JOHAM,DAVID (HP-Boise,ex1)" wrote: > > If you would like to enable pingnig, try putting this into your firewall > > script: > > > > echo "0" > /proc/sys/net/ipv4/icmp_echo_ignore_all > > echo "0" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts > > > > HTH > > > > David > > > > -----Original Message----- > > From: Jeremy Mereness [mailto:[EMAIL PROTECTED]] > > Sent: Tuesday, June 11, 2002 7:59 PM > > To: Expert Mandrake List > > Subject: [expert] Pinging Secure Mandrake > > > > The table on http://www.mandrakesecure.net/en/docs/msec.php shows that > > Security Level 4 and higher causes ICMP Echo (ping) packets to get > > dropped. > > > > How is this accomplished? Is it in the kernel itself? I thought it might > > have been a pre-defined IPtables rule executed by an msec script, but my > > IPtables are empty. Yet pings still get dropped. > > > > Thanks! > > > > -- j > > ################################################################# > ################################################################# > ################################################################# > ##### > ##### > ##### > ################################################################# > ################################################################# > ################################################################# -- Brandon Long Network Administrator Northern Michigan Online [EMAIL PROTECTED]
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
