On 26/08/14, Karl E. Jorgensen (karl@jorgensen.org.uk) wrote:
> > sysctl --system
> > * Applying /etc/sysctl.d/99-sysctl.conf ...
> > net.ipv4.icmp_echo_ignore_all = 0
> > net.ipv4.icmp_echo_ignore_broadcasts = 0
>
> These caught my eye: Ignore all ICMP ? That would stop ping
> (a.k.a. ICMP echo) from working, wouldn't it?
Thanks for the suggestion, but according to /usr/src/linux/Documentation/networking/ip-sysctl.txt
icmp_echo_ignore_all - BOOLEAN
If set non-zero, then the kernel will ignore all ICMP ECHO
requests sent to it.
Default: 0
icmp_echo_ignore_broadcasts - BOOLEAN
If set non-zero, then the kernel will ignore all ICMP ECHO and
TIMESTAMP requests sent to it via broadcast/multicast.
Default: 1
--
JohnRChamplin@wowway.com
====================================================
GPG key 1024D/99421A63 2005-01-05
EE51 79E9 F244 D734 A012 1CEC 7813 9FE9 9942 1A63
gpg --keyserver subkeys.pgp.net --recv-keys 99421A63
Attachment:
signature.asc
Description: Digital signature