I'm attempting to stop these types of broadcasts directed at a NIC that has a registered IP address: 12:13:26.670379 w227.z216112046.bos-ma.dsl.cnc.net > X.X.X.X: icmp: echo request 12:13:26.701129 w227.z216112046.bos-ma.dsl.cnc.net > X.X.X.X: icmp: echo request 12:13:26.710815 w227.z216112046.bos-ma.dsl.cnc.net > 255.255.255.255: icmp: echo request 12:13:27.192127 ns.majordomo.ru > 255.255.255.255: icmp: echo request I simply do not want those packets coming to my IP address - is it not possible? I attempted to set the /proc variable about no icmp broadcasts, but I still see the packets in a tcpdump - is this simply what you can call a mini-dos in that the icmp probes are not really hitting the iptables ruleset? These rules were no help: iptables -t nat -I PREROUTING -i eth1 -p icmp -j DROP iptables -I INPUT -i eth1 -p icmp -j DROP
