[wellylug] Disabling ICMP Redirects from a Router

Chris Hodgetts chris at archnetnz.com
Mon Oct 11 17:54:20 NZDT 2004


Intresting...

/proc/sys/net/ipv4/conf/eth0/accept_redirects  is 1
however
/proc/sys/net/ipv4/conf/all/accept_redirects is already at 0

Does that make a difference?

On Mon, 2004-10-11 at 17:45, Jamie Baddeley wrote:
> On Mon, 2004-10-11 at 17:38, Chris Hodgetts wrote:
> > Hello, 
> > 
> > Does anyone know how to disable a router/gateway from sending ICMP
> > Redirect packets out?
> > 
> > They are allegedly breaking stuff on our network - although I don't see
> > why or how...
> > 
> > System is running:
> > Red Hat Linux release 8.0 (Psyche)
> > 
> > I have read:
> > Edit the /etc/sysctl.conf file and add the following line: 
> >               # Disable ICMP Redirect Acceptance
> >               net.ipv4.conf.all.accept_redirects = 0
> >               
> > Although I assume that stops a host from receiving and processing
> > them...
> 
> That should stop it on boot, but you'll need to echo "0" >
> /proc/sys/net/ipv4/conf/eth0/accept_redirects and
> /proc/sys/net/ipv4/conf/all/accept_redirects to make it take on a
> running system.
> 
> > 
> > Any ideas?
> > 
> > Thanks
> -- 
> 
> 




More information about the wellylug mailing list