evie/android_kernel_oneplus_msm8998
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

[IPV4]: Update icmp sysctl docs and disable broadcast ECHO/TIMESTAMP by default

Browse source 
It's not a good idea to be smurf'able by default.
The few people who need this can turn it on.

Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
David S. Miller 2005-10-03 16:07:30 -07:00
parent 3e56a40bb3
commit 7ce312467e
2 changed files with 8 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
Documentation/networking/ip-sysctl.txt
View file

@ -355,10 +355,14 @@ ip_dynaddr - BOOLEAN
Default: 0 Default: 0
icmp_echo_ignore_all - BOOLEAN icmp_echo_ignore_all - BOOLEAN
If set non-zero, then the kernel will ignore all ICMP ECHO
requests sent to it.
Default: 0
icmp_echo_ignore_broadcasts - BOOLEAN icmp_echo_ignore_broadcasts - BOOLEAN
If either is set to true, then the kernel will ignore either all If set non-zero, then the kernel will ignore all ICMP ECHO and
ICMP ECHO requests sent to it or just those to broadcast/multicast TIMESTAMP requests sent to it via broadcast/multicast.
addresses, respectively. Default: 1
icmp_ratelimit - INTEGER icmp_ratelimit - INTEGER
Limit the maximal rates for sending ICMP packets whose type matches Limit the maximal rates for sending ICMP packets whose type matches

2
net/ipv4/icmp.c
View file

@ -188,7 +188,7 @@ struct icmp_err icmp_err_convert[] = {
/* Control parameters for ECHO replies. */ /* Control parameters for ECHO replies. */
int sysctl_icmp_echo_ignore_all; int sysctl_icmp_echo_ignore_all;
int sysctl_icmp_echo_ignore_broadcasts; int sysctl_icmp_echo_ignore_broadcasts = 1;
/* Control parameter - ignore bogus broadcast responses? */ /* Control parameter - ignore bogus broadcast responses? */
int sysctl_icmp_ignore_bogus_error_responses; int sysctl_icmp_ignore_bogus_error_responses;