Date: Thu, 27 Jan 2000 15:11:02 +0100 From: "ROGIER MULHUIJZEN" <MULHUIJZEN@PZH.NL> To: <sameh@fr.clara.net>, <scrappy@hub.org> Cc: <freebsd-stable@FreeBSD.ORG> Subject: Re: icmp-response bandwidth limit 103/100 pps Message-ID: <s8906027.037@smtp.pzh.nl>
next in thread | raw e-mail | index | archive | help
>remove the line:
>options ICMP_BANDLIM
Might be a bit drastic. You could use
sysctl -w net.inet.icmp.icmplim=0
to disable. Or try 200 and see how you fare (since you get just over
100 packets per sec).
BUT the fact that you have that message means you have a rather high
number of ICMP packets going out. You might want to leave the
icmp-bandwidth setting and investigate. Or even lower it to 1 to make
things really slow for any scanners. Use
tcpdump ip proto icmp
to see what icmp packets are flying across the wire.
Good luck,
DocWilco
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?s8906027.037>