| 1 |
Am 10.10.2013 06:45, schrieb Adam Carter: |
| 2 |
> There might have been a icmp redirect from 10.96.25.1 telling ipfire that |
| 3 |
> there's a better way to get to that network, and its via 10.96.25.2. |
| 4 |
> |
| 5 |
> On my system it seems to be off by default (I havent set it in |
| 6 |
> /etc/sysctl.conf) which makes sense as redirects can be used for MITM |
| 7 |
> attacks. |
| 8 |
> $ cat /proc/sys/net/ipv4/conf/all/accept_redirects |
| 9 |
> 0 |
| 10 |
|
| 11 |
So I would have to check that on the router? Or both? Just will check |
| 12 |
both, sure ... |
| 13 |
|
| 14 |
Could this lead to mislead keepalive packets from libvirtd? |
| 15 |
Maybe I should ask their network-admins for more details ... huge |
| 16 |
company, unknown structures ;-) |
| 17 |
|
| 18 |
Thanks, Stefan |
Archives