From owner-freebsd-security Tue Jan 21 8:28:55 2003 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 104F337B405 for ; Tue, 21 Jan 2003 08:28:54 -0800 (PST) Received: from dc.cis.okstate.edu (dc.cis.okstate.edu [139.78.100.219]) by mx1.FreeBSD.org (Postfix) with ESMTP id E3CFF43F43 for ; Tue, 21 Jan 2003 08:28:51 -0800 (PST) (envelope-from martin@dc.cis.okstate.edu) Received: from dc.cis.okstate.edu (localhost.cis.okstate.edu [127.0.0.1]) by dc.cis.okstate.edu (8.12.6/8.12.6) with ESMTP id h0LGSkvD001493 for ; Tue, 21 Jan 2003 10:28:46 -0600 (CST) (envelope-from martin@dc.cis.okstate.edu) Message-Id: <200301211628.h0LGSkvD001493@dc.cis.okstate.edu> To: freebsd-security@FreeBSD.ORG Subject: Re: Limiting icmp unreach response from 231 to 200 packets per second Date: Tue, 21 Jan 2003 10:28:46 -0600 From: Martin McCormick Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Tillman writes: >What you're seeing is the kernel limiting ICMP responses to 200/second. >If there are more than 200 ICMP requests per second, and you have >net.inet.icmp.icmplim set to 200 via sysctl (the default value), this >occurs. Thank you greatly. That makes perfect sense as I have never changed that value. We do have a good and fast network so this is more than likely legitimate but it is nice to know that the alarm goes off if that limit for ICMP traffic is reached. That seems like a valid limit to have at least for now. Martin McCormick WB5AGZ Stillwater, OK OSU Center for Computing and Information Services Network Operations Group To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message