I've been bitten by these ICMP Redirects once. Is there any

On Sun, Feb 11, 2001 at 02:36:43AM -0200, Rogerio Brito wrote:
> 	I've been bitten by these ICMP Redirects once. Is there any
> 	way to prevent them from being sent out? Perhaps doing some

Hmmm. I never tried this before, but how about setting these kernel 
variables to 0? (depending on what you want):

/proc/sys/net/ipv4/conf/<if>/accept_redirects
/proc/sys/net/ipv4/conf/<if>/send_redirects

Note that I'm using kernel 2.4. I'm not sure they are available in 2.2,
though.

Suthep

> 	packet filtering of the ICMP Redirects? Even if this works,
> 	this sure sounds like a dirty solution... :-(
> 
> 	In that occasion, I was trying to set up a masquerading box
> 	with only one NIC and two IP addresses (the Internet-valid one
> 	and the private one), hooking everything in a single hub and
> 	routing accordingly.
> 
> 	I don't remember the details (since this was many months ago),
> 	but the only solution that I could make work was to buy
> 	another NIC for the masquerading box and put one IP in each
> 	NIC, doing everything as usual. :-(
> 
> 	As I don't remember more details of the situation, I'm just
> 	hoping that this description rings a bell for someone. Any
> 	explanation of how to make this setup with just one NIC or
> 	comments on why this shouldn't be done are immensely
> 	appreciated.
> 
> 
> 	Thanks in advance, Roger...
> 
> -- 
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=->   Rogerio Brito - rbrito@iname.com - http://www.ime.usp.br/~rbrito/
> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-> 
> _______________________________________________
> LARTC mailing list / LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/2.4Routing/