[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: unwanted log-message from icmplogd



On Friday, February 02, 2001 at 08:11:48 (+0100), Ralf Müller wrote:
> in our very large network

It certainly isn't as large as you think! ;-)

> there is a misconfigured computer which is not
> whithin my reach. Every computer in our institute gets:

> Jan 31 06:35:10 krispc9 icmplogd: destination unreachable from achpc2.chemie.uni-karlsruhe.de [129.13.108.161]

Okay, this is from icmplogd. If the messages annoy you, don't run
icmplogd. In '/etc/iplogger.conf' comment out the line saying
"start-icmplogger", or if you want to disable this message only, comment
in "no-icmp-unreachable".

> and
> 
> 129.13.108.161 sent an invalid ICMP error to a broadcast.

This one is from the Linux(TM) Kernel. To deactivate it, do

'echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses'

on the command-line, or for automatically doing that on startup, create a
file /etc/rc.boot/local, make it executable, and fill it with:

#!/bin/sh
ICMP_ERROR=/proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
if test -e $ICMP_ERROR; then
        echo '1' > $ICMP_ERROR
fi

> this repeats every 0.5 seconds. So PLEASE how can I prevent our systems from
> producing this message in particular?

Wow, that is often. I'm receiving this once every three minutes in our
network (which is also large, BTW), it is caused by rwhod-packets. You could
of course try to find out which service sends out the packets that are
illegally responded to and deactivate it if you do not need it.

Marc

-- 
  _ _  Marc A. Donges                        +49 721 6904-2130
  'v'                   <kosh@hadiko.de>
 /   \               PGP-Key(DSA): 1024D/1C9ECFF2
  W W
 Fingerprint: 58B9 07A6 CBB1 7016 EB1D  7D35 EEBE 67DC 1C9E CFF2

Attachment: pgp8rtTct9JbP.pgp
Description: PGP signature


Reply to: