> Hi,
>
> Other than implementing a policy to disable icmp
> redirect from the Firewall on Nokia IP440, i.e source
> : FW Dest : any Service :icmp-redirect ACtion : drop,
> is there any other way to disable icmp redirect by
> changing the systems file?
On IPSO, this is done on a per-interface basis (the example below is for
eth-s3p1c0)
tweek[admin]# ipsctl -w interface:eth-s3p1c0:family:inet:flags:icmp_no_rdir
1
Note that ICMP Redirects are off by default if VRRP is running on that
interface. This also does not get saved across reboots, so you will need to
add this command to /var/etc/rc.local.
-- PhoneBoy
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
