icmp echo disable (or dont answer pings)
Chris Johns
chrisj at rtems.org
Wed May 31 00:30:03 UTC 2006
Joel Sherrill wrote:
> Comments please. This does seem like a reasonable application feature.
I would like to see the Wiki updated to document this feature as it is
not standard.
Extending the stack this way could result in this feature being lost if
(or when) the stack is upgraded. I see it is a simple patch which
provides a specific solution to a specific problem, but have to wonder
what FreeBSD does to handle this normally. Does it use some sort of
firewall rules ? If it does could this approach have been used ?
>>
>> case ICMP_ECHO:
>> - if (!icmpbmcastecho
>> - && (m->m_flags & (M_MCAST | M_BCAST)) != 0
>> - && IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) {
>> + if (!icmpallecho + || (!icmpbmcastecho
>> + && (m->m_flags & (M_MCAST | M_BCAST)) != 0
>> + && IN_MULTICAST(ntohl(ip->ip_dst.s_addr)))) {
>> icmpstat.icps_bmcastecho++;
>> break;
This code does not update the icps_allecho counter. Should it ?
Regards
Chris
More information about the users
mailing list