Some help with broadcasts through a Linux system
Jeremy Allison
jallison at cthulhu.engr.sgi.com
Wed Feb 3 17:59:01 GMT 1999
Richard Sharpe wrote:
>
> Hi again,
>
> OK, what I did not make clear was that I was trying to use directed
> broadcasts, not the local broadcasts address (255.255.255.255).
>
> That is, in the context of the following diagram:
>
> 172.30.0.0/24 16.153.112.0/24
> --------------------[Linux]---------------------
>
> If from 172.30.0.120 I ping 16.153.112.255, I would expect to see the
> broadcast on the other interface.
>
> Linux seems to be stoping it, and I cannot find a switch to prevent it from
> stopping it.
I think that's an anti-SMURF security measure
(little blue horrors, I *hate* em, and don't get
me started on Father Abraham.... :-).
It's done to stop directed broadcasts of ICMP
packets - the dreaded SMURF attack.
Jeremy.
--
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
More information about the samba-technical
mailing list