27 Nov
2001
27 Nov
'01
21:10
* Christopher Mahmood (ckm@suse.com) [011127 12:12]:
* Peter Wiersig (wiersig@glamus.de) [011127 07:23]:
or don't use iptables for an option which can be handled by the kernel directly: /proc/sys/net/ipv4/icmp_echo_ignore_all
UGH, this is just as bad as '-I INPUT -i eth0 -p icmp -j DENY'.
wob@swobspace.de just pointed out that I'm being an idiot...I wasn't reading the icmp_echo_ignore_all response carefully. Sorry, -- -ckm