tech-net: Re: Ignore incoming ICMP redirect packets

Subject: Re: Ignore incoming ICMP redirect packets
To: Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>
From: Manuel Bouyer <bouyer@antioche.lip6.fr>
List: tech-net
Date: 02/18/2000 22:26:34

On Fri, Feb 18, 2000 at 02:44:49PM -0500, Bill Sommerfeld wrote:
> > how can I can configure a NetBSD 1.4 system to ignore *incoming*
> > ICMP redirect packets? The kernel variable "net.inet.ip.redirect"
> > seems only to prevent outgoing ICMP packets.
> 
> For what it's worth, i believe router requirements requires routers to
> ignore redirects by default; when we're running with ipforwarding
> turned on, we should ignore them...

A sysctl net.inet.ip.acceptredirects would be nice.

--
Manuel Bouyer, LIP6, Universite Paris VI.           Manuel.Bouyer@lip6.fr
--