I've also seen this on 2.4.21-4.EL. The problem is that you have
some device on your network that incorrectly sends a ICMP time
exceeded response to broadcasts where ttl == 0. The linux kernel
reports such bogus messages in the system log by default.
The code that actually does the logging was updated to be more
verbose sometime between 2.4.19 and 2.4.21 I think, but unfortunately
the update introduced a bug so that the log message incorrectly list
the destination address as the source address of the bogus message !
So you cannot find the bad device with the information in the log
message. You have to use a network packet sniffer instead.
To get the correct address of the bad packet the kernel must be fixed
(see included mail below)
You can also try to find the bad device with send out the packages
It is also possible to turnoff logging of bad ICMP packages in the
linux kernel if you just think the messages are annoying.
Do:
# /sbin/sysctl –w net.ipv4.icmp_ignore_bogus_error_response=1
or put it in /etc/sysctl.conf if you want it if permanently
阅读(927) | 评论(0) | 转发(0) |