On Wed, 2002-05-22 at 10:39, Mike Noyes wrote: > On Wed, 2002-05-22 at 10:18, Ray Olszewski wrote: > > > > May 22 02:53:54 NRP-413 kernel: Redirect from D08A145C/eth0 to D08A1401 > > > > ignored.Path = D08A1469 -> 42DA4753, tos 00 > > > > Unpacked, this says that the kernel is reporting that it received and > > refused an instruction to redirect from 208.138.20.92 (0xD08A145, which is > > the external gateway address in the routing table) to 208.138.20.01 > > (0xD08A1401, another host on the external network). It is connected with a > > packet going from the router's external address 208.138.20.105 (0xD08A1469) > > to the non-local address 66.218.71.83 (0x42DA4753). > > > > While I have not actually seen a message like this one before, it reads > > like a report of a message received fom the external gateway telling the > > system to use a different external gateway address ... probably sent via > > some standard routing protocol. (Perhaps someone here who knows routing > > protocols better than I can recognize it; I have a hazy memory of an "icmp > > redirect" packet type that may be involved.) > > I think you can stop logging of TOS redirects in network.config by > changing the option below to yes. This may open up a possible security > hole. > > ALLIF_ACCEPT_REDIRECTS=NO
Pertinent icmp redirect information. http://www.iana.org/assignments/icmp-parameters ftp://ftp.isi.edu/in-notes/rfc792.txt -- Mike Noyes <[EMAIL PROTECTED]> http://sourceforge.net/users/mhnoyes/ http://leaf-project.org/ _______________________________________________________________ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
