Re: Limiting icmp unreach response from 231 to 200 packets per second
From: Martin McCormick (martin@dc.cis.okstate.edu)
Date: 01/21/03
- Next message: Tillman: "Re: Limiting icmp unreach response from 231 to 200 packets per second"
- Previous message: Andy Farkas: "Re: Limiting icmp unreach response from 231 to 200 packets per second"
- Maybe in reply to: Martin McCormick: "Limiting icmp unreach response from 231 to 200 packets per second"
- Next in thread: Martin McCormick: "Re: Limiting icmp unreach response from 231 to 200 packets per second"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: freebsd-security@FreeBSD.ORG Date: Tue, 21 Jan 2003 10:28:46 -0600 From: Martin McCormick <martin@dc.cis.okstate.edu>
Tillman writes:
>What you're seeing is the kernel limiting ICMP responses to 200/second.
>If there are more than 200 ICMP requests per second, and you have
>net.inet.icmp.icmplim set to 200 via sysctl (the default value), this
>occurs.
Thank you greatly. That makes perfect sense as I have
never changed that value. We do have a good and fast network so
this is more than likely legitimate but it is nice to know that
the alarm goes off if that limit for ICMP traffic is reached.
That seems like a valid limit to have at least for now.
Martin McCormick WB5AGZ Stillwater, OK
OSU Center for Computing and Information Services Network Operations Group
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Next message: Tillman: "Re: Limiting icmp unreach response from 231 to 200 packets per second"
- Previous message: Andy Farkas: "Re: Limiting icmp unreach response from 231 to 200 packets per second"
- Maybe in reply to: Martin McCormick: "Limiting icmp unreach response from 231 to 200 packets per second"
- Next in thread: Martin McCormick: "Re: Limiting icmp unreach response from 231 to 200 packets per second"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
