From owner-freebsd-questions Wed Jul 11 1:10: 6 2001 Delivered-To: freebsd-questions@freebsd.org Received: from zogbe.tasam.com (cj45658-a.reston1.va.home.com [65.9.36.73]) by hub.freebsd.org (Postfix) with ESMTP id A684C37B401 for ; Wed, 11 Jul 2001 01:09:59 -0700 (PDT) (envelope-from clash@tasam.com) Received: from battleship (zogbe.tasam.com [10.45.45.5] (may be forged)) by zogbe.tasam.com (8.11.4/8.11.4) with SMTP id f6B89qK16334; Wed, 11 Jul 2001 04:09:52 -0400 (EDT) Message-ID: <001b01c109e0$dda90350$0b2d2d0a@battleship> From: "Joseph Gleason" To: "Kelvin Ng Chee Hoong" Cc: References: <3B4BFCE8.3EE5720@pacific.net.sg> <008801c109d8$eb40e850$0b2d2d0a@battleship> <3B4C0AB9.8FFC7181@pacific.net.sg> Subject: Re: Minimize ICMP packets Date: Wed, 11 Jul 2001 04:09:51 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.3018.1300 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.3018.1300 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Humm...I beleive net.inet.icmp.icmplim is to limit the rate in packets per second of ICMP not the size. I'm not sure how to limit the size.... ----- Original Message ----- From: "Kelvin Ng Chee Hoong" To: "Joseph Gleason" Cc: Sent: Wednesday, July 11, 2001 04:13 Subject: Re: Minimize ICMP packets > Hi Joseph ; > First of all , thank you very much for your information. I've set variable > of icmplim to 30 but this variable seems does not limit the ICMP packet size > to max 30 bytes. > When I did a ping to my FBSD machine with packet size of 18024 bytes, it still > accept the larger ICMP packets rather than to discard . > > Joseph Gleason wrote: > > > kernel option: > > options ICMP_BANDLIM > > > > Does this. It is default in generic. > > > > I am not certain of this but I assume sysctl variable net.inet.icmp.icmplim > > controls the ammount it lets through. Someone want to confirm or deny this? > > > > Joe Gleason > > > > ----- Original Message ----- > > From: "Kelvin Ng Chee Hoong" > > To: > > Sent: Wednesday, July 11, 2001 03:14 > > Subject: Minimize ICMP packets > > > > > Hi ; > > > I want my FBSD machine to accept ICMP packets (ping) from source > > > anywhere , but limited to number of ICMP packets size and number of > > > connection ping concurrently . Any ICMP packets that beyond the > > > criteria will be discarded . > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > with "unsubscribe freebsd-questions" in the body of the message > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message