On Friday 28 July 2006 06:15, User Freebsd wrote:
Two part question here ...
first part ... is there a way of just disabling icmp by setting a sysctl,
so that a server just doesn't respond to them?
No. You can do this using the firewall of your choice
ipfw example
ipfw add deny icmp from any
On Friday 28 July 2006 06:26, User Freebsd wrote:
Just an appendum, but this is what I'm seeing in /var/log/messages right
now:
Jul 28 00:22:37 io kernel: Limiting icmp unreach response from 6255 to 200
packets/sec Jul 28 00:22:38 io kernel: Limiting icmp unreach response from
6515 to 200
User Freebsd wrote:
Two part question here ...
first part ... is there a way of just disabling icmp by setting a
sysctl, so that a server just doesn't respond to them?
second part ... is there a way of telling a cisco switch to drop all
icmp packets, preferrably to all but an exception
Bill Moran wrote:
User Freebsd wrote:
Two part question here ...
first part ... is there a way of just disabling icmp by setting a
sysctl, so that a server just doesn't respond to them?
second part ... is there a way of telling a cisco switch to drop all
icmp packets, preferrably to all
Two part question here ...
first part ... is there a way of just disabling icmp by setting a sysctl,
so that a server just doesn't respond to them?
second part ... is there a way of telling a cisco switch to drop all icmp
packets, preferrably to all but an exception list, but to everywhere
Just an appendum, but this is what I'm seeing in /var/log/messages right
now:
Jul 28 00:22:37 io kernel: Limiting icmp unreach response from 6255 to 200
packets/sec
Jul 28 00:22:38 io kernel: Limiting icmp unreach response from 6515 to 200
packets/sec
Jul 28 00:22:39 io kernel: Limiting
