From owner-freebsd-questions Sun Jun 18 14:55: 5 2000 Delivered-To: freebsd-questions@freebsd.org Received: from dns2.seanet.com (dns2.seanet.com [199.181.164.2]) by hub.freebsd.org (Postfix) with ESMTP id 12CC137BA22 for ; Sun, 18 Jun 2000 14:55:02 -0700 (PDT) (envelope-from goodleaf@goodleaf.net) Received: from clyde.goodleaf.net (piscator.seanet.com [199.181.165.218]) by dns2.seanet.com (8.9.3/8.9.0) with ESMTP id OAA01144; Sun, 18 Jun 2000 14:55:00 -0700 (PDT) Date: Sun, 18 Jun 2000 15:07:00 -0700 (PDT) From: "J. Goodleaf" To: Chris Angell Cc: questions@FreeBSD.ORG Subject: Re: TCP question In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Well, I can tell you what's causing it, but I'll defer to more knowledgeable people on what you ought to do about it. You have "options ICMP_BANDLIM compiled into your kernel. It's purpose, as I understand it, is to limit replies to ICMP errors. Basically, it should help protect you from denial of service attacks. Perhaps, instead of recompiling without it, you could configure it to a different threshhold. I don't know without looking if that's possible. Check the FAQs and read the relevant part of the /sys/i386/conf/LINT file. But I'd have to wonder what's happening on your network connection that's causing the ICMP bandlim to be invoked... -J =============================== John Goodleaf goodleaf@goodleaf.net PGP key: finger goodleaf@goodleaf.net =============================== On Sun, 18 Jun 2000, Chris Angell wrote: > Las Vegas NV 89146 | 1-702-317-2001 > 1-800-851-4161 | Fax 702-317-2057 > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > > ---------- Forwarded message ---------- > Date: Sun, 18 Jun 2000 14:15:31 -0700 (PDT) > From: Mail Delivery Subsystem > To: chris@snark.wizard.com > Subject: Returned mail: Host unknown (Name server: freebsd.com: no data > known) > > The original message was received at Sun, 18 Jun 2000 14:15:31 -0700 (PDT) > from chris@localhost > > ----- The following addresses had permanent fatal errors ----- > > > ----- Transcript of session follows ----- > 550 ... Host unknown (Name server: freebsd.com: no data known) > > ----- Original message follows ----- > > Return-Path: > Received: from localhost (chris@localhost) > by snark.wizard.com (8.9.3/8.9.3) with ESMTP id OAA37652 > for ; Sun, 18 Jun 2000 14:15:31 -0700 (PDT) > Date: Sun, 18 Jun 2000 14:15:31 -0700 (PDT) > From: Chris Angell > To: questions@freebsd.com > Subject: TCP Question > Message-ID: > MIME-Version: 1.0 > Content-Type: TEXT/PLAIN; charset=US-ASCII > > Forgive me for bothering you with this question. > > Sometimes I get the message 'chris /kernel: icmp-response bandwidth limit > 201/200 pps' > > 'chris' is my computer name. I am running version 4.0-20000307-CURRENT on > a regular pentium computer. The message pops up sometimes (when logged in > as root of course), usually when I ping a host or have a few TCP/IP > connections open. > > Could you instruct me on how to change this restriction? > > Thanks, > > Chris Angell > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Christopher Angell | Chris@Wizard.Com > 2001 S. Jones Blvd Suite K | http://www.wizard.com > Las Vegas NV 89146 | 1-702-317-2001 > 1-800-851-4161 | Fax 702-317-2057 > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message