diff options
| author | Mohit Mehta <mohit.mehta@vyatta.com> | 2009-02-19 19:08:03 -0800 |
|---|---|---|
| committer | Mohit Mehta <mohit.mehta@vyatta.com> | 2009-02-19 19:08:03 -0800 |
| commit | 55863b16fdaa0337c4f1df00ef045f3b646b24b6 (patch) | |
| tree | 9dc6da7b055c2f073cec0d61c29565caffe25a00 /templates/firewall/broadcast-ping | |
| parent | 3c18b9bf9a01575dd6cab370670382a1dd3a1fcf (diff) | |
| download | vyatta-cfg-firewall-55863b16fdaa0337c4f1df00ef045f3b646b24b6.tar.gz vyatta-cfg-firewall-55863b16fdaa0337c4f1df00ef045f3b646b24b6.zip | |
Fix Bug 3951 default values for kernel tunable security parameters under firewall
Diffstat (limited to 'templates/firewall/broadcast-ping')
| -rw-r--r-- | templates/firewall/broadcast-ping/node.def | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/templates/firewall/broadcast-ping/node.def b/templates/firewall/broadcast-ping/node.def index 3cf7e00..03f0bd2 100644 --- a/templates/firewall/broadcast-ping/node.def +++ b/templates/firewall/broadcast-ping/node.def @@ -1,3 +1,8 @@ +# icmp_echo_ignore_broadcasts +# default value - 1 +# If set non-zero, then the kernel will ignore all +# ICMP ECHO and TIMESTAMP requests sent to it via broadcast/multicast. + type: txt help: Set handling of broadcast IPv4 ICMP echo and timestamp requests @@ -10,15 +15,6 @@ default: "disable" syntax:expression: $VAR(@) in "enable", "disable"; "broadcast-ping must be enable or disable" -create: - if [ x$VAR(@) == xenable ]; then - sudo sh -c "echo 0 > \ - /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts" - else - sudo sh -c "echo 1 > \ - /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts" - fi - update: if [ x$VAR(@) == xenable ]; then sudo sh -c "echo 0 > \ |