[wellylug] Disabling ICMP Redirects from a Router
Jethro Carr
dodocaptain at paradise.net.nz
Mon Oct 11 17:59:19 NZDT 2004
On Tue, 2004-10-12 at 06:38, Chris Hodgetts wrote:
> Hello,
>
> Does anyone know how to disable a router/gateway from sending ICMP
> Redirect packets out?
>
well, if you use iptables, like I do, I'd just make a firewall statement
to drop any ICMP redirect packets.
However, you really should be looking at whatever is being broken by the
ICMP packets - that's the real problem.
> They are allegedly breaking stuff on our network - although I don't see
> why or how...
>
> System is running:
> Red Hat Linux release 8.0 (Psyche)
>
> I have read:
> Edit the /etc/sysctl.conf file and add the following line:
> # Disable ICMP Redirect Acceptance
> net.ipv4.conf.all.accept_redirects = 0
>
> Although I assume that stops a host from receiving and processing
> them...
>
> Any ideas?
>
> Thanks
--
-- Jethro
dodocaptain at paradise.net.nz
http://www.jedolinux.com
http://homepages.paradise.net.nz/jethroc
http://homepages.paradise.net.nz/jethroc/cv.html
http://www.wellylug.org.nz
More information about the wellylug
mailing list