[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
icmp echo disable (or dont answer pings)
- Date: Wed, 31 May 2006 10:30:03 +1000
- From: chrisj at rtems.org (Chris Johns)
- Subject: icmp echo disable (or dont answer pings)
Joel Sherrill wrote:
> Comments please. This does seem like a reasonable application feature.
I would like to see the Wiki updated to document this feature as it is
not standard.
Extending the stack this way could result in this feature being lost if
(or when) the stack is upgraded. I see it is a simple patch which
provides a specific solution to a specific problem, but have to wonder
what FreeBSD does to handle this normally. Does it use some sort of
firewall rules ? If it does could this approach have been used ?
>>
>> case ICMP_ECHO:
>> - if (!icmpbmcastecho
>> - && (m->m_flags & (M_MCAST | M_BCAST)) != 0
>> - && IN_MULTICAST(ntohl(ip->ip_dst.s_addr))) {
>> + if (!icmpallecho + || (!icmpbmcastecho
>> + && (m->m_flags & (M_MCAST | M_BCAST)) != 0
>> + && IN_MULTICAST(ntohl(ip->ip_dst.s_addr)))) {
>> icmpstat.icps_bmcastecho++;
>> break;
This code does not update the icps_allecho counter. Should it ?
Regards
Chris