Thanks for the reply - I'll cc the list because I thought of adding this after I sent it .. no, I've been running as root, so its not a permissions problem, that I can see. I think if I hadn't have been running as root then the spoofed icmp echo would have failed too ... Thanks for the contrib though (I'd call me stupid if that was the problem ;-) ----- Original Message ----- >From: "J S" <webnews@comcast.net> >To: "Ian Latter" <Ian.Latter@mq.edu.au> >Subject: Re: Re:2.4.20 and user space ICMP REDIRECT >Date: Sat, 08 Mar 2003 23:40:24 -0500 > > I don't think you're stupid or anything like that, but I've made the > mistake more than once of trying that type of thing without being root. > I don't think it's premitted as a non-root user. Just make sure your su > before running the program. > > Josh > > On Sat, 2003-03-08 at 18:40, Ian Latter wrote: > > Sorry .. one error ... > > > > > I won't bore you with more detail, but I've been through proc and > > > made the changes seen below .. and I've added an iptables > > > rule (in my default allow ruleset) to allow icmp-redirect packets > > > outbound, and it increment the count against the rule. > > > > and it *didn't* increment the count against the rule. > > > > > > .. and indication that iptables is either not the cause of the problem, > > or is the cause and not reporting it ... > > > > > > > > -- > > Ian Latter > > Internet and Networking Security Officer > > Macquarie University > > - > > : send the line "unsubscribe linux-net" in > > the body of a message to majordomo@vger.kernel.org > > More majordomo info at http://vger.kernel.org/majordomo-info.html > > -- Ian Latter Internet and Networking Security Officer Macquarie University - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
