Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

This project is archived. Its data is read-only.

Commit 7ce31246 authored Oct 03, 2005 by David S. Miller

[IPV4]: Update icmp sysctl docs and disable broadcast ECHO/TIMESTAMP by default



It's not a good idea to be smurf'able by default.
The few people who need this can turn it on.

Signed-off-by: David S. Miller <davem@davemloft.net>

parent 3e56a40b

Documentation/networking/ip-sysctl.txt

+7 −3

Original line number	Original line	Diff line number	Diff line
	@@ -355,10 +355,14 @@ ip_dynaddr - BOOLEAN
	Default: 0		Default: 0

	icmp_echo_ignore_all - BOOLEAN		icmp_echo_ignore_all - BOOLEAN
			If set non-zero, then the kernel will ignore all ICMP ECHO
			requests sent to it.
			Default: 0

	icmp_echo_ignore_broadcasts - BOOLEAN		icmp_echo_ignore_broadcasts - BOOLEAN
	If either is set to true, then the kernel will ignore either all		If set non-zero, then the kernel will ignore all ICMP ECHO and
	ICMP ECHO requests sent to it or just those to broadcast/multicast		TIMESTAMP requests sent to it via broadcast/multicast.
	addresses, respectively.		Default: 1

	icmp_ratelimit - INTEGER		icmp_ratelimit - INTEGER
	Limit the maximal rates for sending ICMP packets whose type matches		Limit the maximal rates for sending ICMP packets whose type matches

net/ipv4/icmp.c

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -188,7 +188,7 @@ struct icmp_err icmp_err_convert[] = {

	/* Control parameters for ECHO replies. */		/* Control parameters for ECHO replies. */
	int sysctl_icmp_echo_ignore_all;		int sysctl_icmp_echo_ignore_all;
	int sysctl_icmp_echo_ignore_broadcasts;		int sysctl_icmp_echo_ignore_broadcasts = 1;

	/* Control parameter - ignore bogus broadcast responses? */		/* Control parameter - ignore bogus broadcast responses? */
	int sysctl_icmp_ignore_bogus_error_responses;		int sysctl_icmp_ignore_bogus_error_responses;