Differences between revisions 2 and 3

ICMP Ratelimit

* I had a problem where running mtr (Gui Traceroute) through a Linux router, would show packet loss on the first hop, the linux router.

It turned out that part of the linux network protection is to limit the number of icmp messages to prevent a denial of service attack(dos)

The settings:

  /proc/sys/net/ipv4/icmp_ratelimit
  /proc/sys/net/ipv4/icmp_ratemask

ratelimit is the number of jiffies between icmp packets. Default:250, lower more packets allowed, All:0
ratemask a binary mask, 2^n for each icmp option.
- Look into Linux header file. include/linux/icmp.h

...

-  ⇤ ← Revision 2 as of 2009-05-01 20:10:53 → 
  Size: 712
  Editor: PieterSmit
  Comment:
+   ← Revision 3 as of 2009-05-01 20:11:43 → ⇥
  Size: 726
  Editor: PieterSmit
  Comment:
-Deletions are marked like this.
+Additions are marked like this.
 Line 17:
-   * Look into Linux header file. icmp.c
+   * Look into Linux header file. include/linux/icmp.h