[ale] ICMP packet error

[Bob Kruger]

At 11:15 PM 6/30/99 -0500, you wrote:

>Since replacing RH52 with RH60, we've started getting the error message
>
>  kernel: x.x.x.x sent an invalid ICMP error to a broadcast.      
>
>every five minutes from one of our upstream ISP's border gateways and also
from a LAN-based ROM emulator. I'm assuming that the reporting is a
function of better DoS prevention, but is anyone familiar with this
symptom, and, if so, is there a way to shut it off at least for known
addresses??

Gary;

This is a function of the 2.2.X series kernels.

To turn it off, I added the following to my /etc/rc.d/init.d file:

echo 1 >/proc/sys/net/ipv4/icmp_ignore_bogus_error_responses

I put it in line 93 of the file - right at the end of the "start)" portion.

Note - to the best of my knowledge, this only crops up when running samba,
so you could add it to the /etc/rc.d/init.d/smb file as well.

Regards - Bob Kruger