icmp packets - disabling via sysctl, or cisco switch ... ?

User Freebsd freebsd at hub.org
Fri Jul 28 03:26:59 UTC 2006


Just an appendum, but this is what I'm seeing in /var/log/messages right 
now:

Jul 28 00:22:37 io kernel: Limiting icmp unreach response from 6255 to 200 packets/sec
Jul 28 00:22:38 io kernel: Limiting icmp unreach response from 6515 to 200 packets/sec
Jul 28 00:22:39 io kernel: Limiting icmp unreach response from 6646 to 200 packets/sec
^C

And its been going on for several hours now ... :(


On Fri, 28 Jul 2006, User Freebsd wrote:

>
> Two part question here ...
>
> first part ... is there a way of just disabling icmp by setting a sysctl, so 
> that a server just doesn't respond to them?
>
> second part ... is there a way of telling a cisco switch to drop all icmp 
> packets, preferrably to all but an exception list, but to everywhere works as 
> well ...
>
> I'm running a Cisco 2950-24 ...
>
> thanks ...
>
> ----
> Marc G. Fournier           Hub.Org Networking Services (http://www.hub.org)
> Email . scrappy at hub.org                              MSN . scrappy at hub.org
> Yahoo . yscrappy               Skype: hub.org        ICQ . 7615664
>

----
Marc G. Fournier           Hub.Org Networking Services (http://www.hub.org)
Email . scrappy at hub.org                              MSN . scrappy at hub.org
Yahoo . yscrappy               Skype: hub.org        ICQ . 7615664


More information about the freebsd-questions mailing list