Date: Tue, 21 Jan 2003 10:07:54 -0800 From: Michael Sierchio <kudzu@tenebras.com> To: Andy Farkas <andyf@speednet.com.au> Cc: Mike Tancsa <mike@sentex.net>, Tillman <tillman@seekingfire.com>, freebsd-security@FreeBSD.ORG Subject: Re: Limiting icmp unreach response from 231 to 200 packets per second Message-ID: <3E2D8C7A.1040300@tenebras.com> In-Reply-To: <20030122022350.A54298-100000@hewey.af.speednet.com.au> References: <20030122022350.A54298-100000@hewey.af.speednet.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Andy Farkas wrote: > > He is talking about icmp packets - nothing to do with named. It might very well. If 'named' dies, and net.inet.udp.blackhole=0, then the kernel will be generating ICMP error responses for UDP packets sent to port 53. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3E2D8C7A.1040300>