[wellylug] Disabling ICMP Redirects from a Router
Nigel Roberts
nigel at nobiscuit.com
Tue Oct 12 08:49:55 NZDT 2004
I suspect the more specific rule applies in this case. You might want
to turn it off on the interfaces concerned.
But to make a difference the problem you stated you should be
looking at /proc/sys/net/ipv4/conf/eth0/send_redirects not
/proc/sys/net/ipv4/conf/eth0/accept_redirects :)
Regards,
Nigel
On Mon, 11 Oct 2004 at 17:54:20 +1300, Chris Hodgetts wrote:
> Intresting...
>
> /proc/sys/net/ipv4/conf/eth0/accept_redirects is 1
> however
> /proc/sys/net/ipv4/conf/all/accept_redirects is already at 0
>
> Does that make a difference?
>
> On Mon, 2004-10-11 at 17:45, Jamie Baddeley wrote:
> > On Mon, 2004-10-11 at 17:38, Chris Hodgetts wrote:
> > > Hello,
> > >
> > > Does anyone know how to disable a router/gateway from sending ICMP
> > > Redirect packets out?
> > >
> > > They are allegedly breaking stuff on our network - although I don't see
> > > why or how...
> > >
> > > System is running:
> > > Red Hat Linux release 8.0 (Psyche)
> > >
> > > I have read:
> > > Edit the /etc/sysctl.conf file and add the following line:
> > > # Disable ICMP Redirect Acceptance
> > > net.ipv4.conf.all.accept_redirects = 0
> > >
> > > Although I assume that stops a host from receiving and processing
> > > them...
> >
> > That should stop it on boot, but you'll need to echo "0" >
> > /proc/sys/net/ipv4/conf/eth0/accept_redirects and
> > /proc/sys/net/ipv4/conf/all/accept_redirects to make it take on a
> > running system.
> >
> > >
> > > Any ideas?
> > >
> > > Thanks
> > --
> >
> >
>
>
> --
> Wellington Linux Users Group Mailing List: wellylug at lists.wellylug.org.nz
> To Leave: http://lists.wellylug.org.nz/mailman/listinfo/wellylug
More information about the wellylug
mailing list