[FW-1] splat r55: ICMP redirect packets are not allowed

Subject:	[FW-1] splat r55: ICMP redirect packets are not allowed
From:	"Covington, Chris" <ccovington AT PLUSONE DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Tue, 27 Jan 2004 16:51:39 -0500

Hi all,

I've followed sk10254 to allow ICMP redirect packets on one of my splat
r55 boxes by adding fw_icmp_redirects=1 to $FWDIR/modules/fwkern.conf,
rebooted, and I still get the following in the logs:

Information:    ICMP: Host Redirect
                        ICMP Type: 5
                        ICMP Code: 1
                        message_info: ICMP redirect packets are not
allowed

Is there a specific rule I need to create in addition to the fix from
sk10254?  Anything else I should try?

thanks
Chris

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] splat r55: ICMP redirect packets are not allowed, Covington, Chris <= Re: [FW-1] splat r55: ICMP redirect packets are not allowed, Lars Higham Re: [FW-1] splat r55: ICMP redirect packets are not allowed, Roelandts, Guy

Previous by Date:	Re: [FW-1] Problems with VPN and AI R55 in IPSO 530 with Cluster, Alex Mandina
Next by Date:	[FW-1] SecuRemote and Split Tunnel, Ruiyuan Jiang
Previous by Thread:	[FW-1] CP Express license, Mónica Salvia
Next by Thread:	Re: [FW-1] splat r55: ICMP redirect packets are not allowed, Lars Higham
Indexes:	[Date] [Thread] [Top] [All Lists]