[问题求助]怎样屏蔽这些信息 [复制链接]

我的服务器接在网上，屏幕上总是收到这样的信息：.              乙肝
1.00.2.2.52.125 sent an invalid ICMP type 11, code 0.
error .to. a broadcast: 100.84.255.255 on eth1    外汇


我怎么做才能屏蔽这样的信息，是iptables吗，应怎么写规则？我对i.ptables不熟悉.。          婚庆

/etc/syslog.conf里屏蔽???

找到解决办法了
I've also seen this on 2.4.21-4.EL. The problem is that you have
some device on your network that incorrectly sends a ICMP time
exceeded response to broadcasts where ttl == 0. The linux kernel
reports such bogus messages in the system log by default.
The code that actually does the logging was updated to be more
verbose sometime between 2.4.19 and 2.4.21 I think, but unfortunately
the update introduced a bug so that the log message incorrectly list
the destination address as the source address of the bogus message !
So you cannot find the bad device with the information in the log
message. You have to use a network packet sniffer instead.
To get the correct address of the bad packet the kernel must be fixed
(see included mail below)
You can also try to find the bad device with send out the packages
It is also possible to turnoff logging of bad ICMP packages in the
linux kernel if you just think the messages are annoying.

Do:
# /sbin/sysctl –w net.ipv4.icmp_ignore_bogus_error_responses=1

or put it in /etc/sysctl.conf if you want it if permanently.

[ 本帖最后由 小渔儿 于 2006-7-8 10:18 编辑 ]