Re: How can I drop "Source Quench, Redirect, Time stamp and Time stamp reply" ICMP packets
From: Allen Kistler (ackistler_at_oohay.moc)
Date: 10/24/04
- Previous message: Kimmo Koivisto: "Re: IPSec in Fedora Linux vs Cisco IOS ?"
- In reply to: Santa: "How can I drop "Source Quench, Redirect, Time stamp and Time stamp reply" ICMP packets"
- Next in thread: Santa: "Re: How can I drop "Source Quench, Redirect, Time stamp and Time stamp reply" ICMP packets"
- Reply: Santa: "Re: How can I drop "Source Quench, Redirect, Time stamp and Time stamp reply" ICMP packets"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 24 Oct 2004 20:05:29 GMT
Santa wrote:
> I need to drop "Source quench, Redirect, Timestamp and
> Timestamp reply" packets. Do I have to add a separate rule to
> iptables?. Or by default if I didn't add any rule, will it drop
> automatically.
>
> Thanks in advance.
There are enties in /proc to disable sending and receiving redirects.
You can set them with sysctl, among others.
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.default.send_redirects = 0
You must set netfilter rules for the others.
It's worthwhile setting rules for redirects, too. The /proc entry only
applies to packets aimed at your box or coming from your box. They do
nothing for packets traversing your box.
- Previous message: Kimmo Koivisto: "Re: IPSec in Fedora Linux vs Cisco IOS ?"
- In reply to: Santa: "How can I drop "Source Quench, Redirect, Time stamp and Time stamp reply" ICMP packets"
- Next in thread: Santa: "Re: How can I drop "Source Quench, Redirect, Time stamp and Time stamp reply" ICMP packets"
- Reply: Santa: "Re: How can I drop "Source Quench, Redirect, Time stamp and Time stamp reply" ICMP packets"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
