Omission in earlier rate-limit... The HyperNews Linux KHG Discussion Pages Omission in earlier rate-limit...Forum: The Linux Kernel Hackers' GuideRe: Can you block or ignore ICMP packets?Re: ICMP send rate limit / ignoring (Jukka Santala)Keywords: ICMP ping Internet echo floodDate: Thu, 15 May 1997 22:44:33 GMTFrom: Jukka Santala <e75644@uwasa.fi>Oops, what a mistake. I missed the fact that icmp_send() isn't actually used for replying to ICMP_ECHO_REQUEST's etc. so no matter how you change the table in question, none of the replies are going to be limited... so what you need to do is add a call to the check in question to icmp_reply() as well, which is something that can already be called real kernel hacking. Here's how I'm doing it; however... 1) I haven't yet rebooted with this code... wish me luck ;) 2) Am I missing something? ping -f and ping -l get mostly ignored Here's the bit of code, in icmp_reply() right at the beginning (after local varable definitions) : #ifndef CONFIG_NO_ICMP_LIMIT if(!xrlim_allow(icmp_param->icmph.type, skb->nh.iph->saddr)) return; #endif I'll let you know how my tests with the thing proceed ;) (Sorry for bad formatting, I managed to break my PPP thingy playing around with filedescriptors, it seems, and this remote lynx doesn't quite handle text-fields properly, it seems... :P) Messages Inline: Outline: 1. Patch worked... by Jukka Santalato: "Omission in earlier rate-limit..." n