Changeset c8daa69 in lab.git for iptables


Ignore:
Timestamp:
Jul 7, 2009 5:48:27 PM (15 years ago)
Author:
mitty <mitty@…>
Branches:
master, trunk
Children:
e829fd8
Parents:
84d8293
Message:
  • FIX: increase acceptable icmp packet size limit
    • ping 192.168.100.254 -n 1
      PING 1 (0.0.0.1) 56(124) bytes of data.
      
      --- 1 ping statistics ---
      23 packets transmitted, 0 received, 100% packet loss, time 22381ms
      

git-svn-id: https://lab.mitty.jp/svn/lab/trunk@15 7d2118f6-f56c-43e7-95a2-4bb3031d96e7

File:
1 edited

Legend:

Unmodified
Added
Removed
  • iptables/ufw/raw.rules

    r4999639 rc8daa69  
    1818-A LOG_ICMP -j DROP 
    1919# Too large icmp requests 
    20 -A PREROUTING -p icmp --icmp-type echo-request -m length --length 85: -j LOG_ICMP 
     20-A PREROUTING -p icmp --icmp-type echo-request -m length --length 128: -j LOG_ICMP 
    2121# Too many times of icmp requests (only 5 packets per second if over 10pkts/sec) 
    2222-A PREROUTING -p icmp --icmp-type echo-request -m limit --limit 5/s --limit-burst 10 -j ACCEPT 
Note: See TracChangeset for help on using the changeset viewer.