- icmp_destunreach_rate (Linux 2.2 to 2.4.9)
- Maximum rate to send ICMP Destination Unreachable packets. This limits the rate at which packets are sent to any individual route or destination. The limit does not affect sending of ICMP_FRAG_NEEDED packets needed for path MTU discovery.
- icmp_echo_ignore_all (since Linux 2.2)
- If this value is nonzero, Linux will ignore all ICMP_ECHO requests.
- icmp_echo_ignore_broadcasts (since Linux 2.2)
- If this value is nonzero, Linux will ignore all ICMP_ECHO packets sent to broadcast addresses.
- icmp_echoreply_rate (Linux 2.2 to 2.4.9)
- Maximum rate for sending ICMP_ECHOREPLY packets in response to ICMP_ECHOREQUEST packets.
- icmp_errors_use_inbound_ifaddr (Boolean; default: disabled; since Linux 2.6.12)
- If disabled, ICMP error messages are sent with the primary address of the exiting interface.
- If enabled, the message will be sent with the primary address of the interface that received the packet that caused the ICMP error. This is the behavior that many network administrators will expect from a router. And it can make debugging complicated network layouts much easier.
- Note that if no primary address exists for the interface selected, then the primary address of the first non-loopback interface that has one will be used regardless of this setting.
- icmp_ignore_bogus_error_responses (Boolean; default: disabled; since Linux 2.2)
- Some routers violate RFC1122 by sending bogus responses to broadcast frames. Such violations are normally logged via a kernel warning. If this parameter is enabled, the kernel will not give such warnings, which will avoid log file clutter.
- icmp_paramprob_rate (Linux 2.2 to 2.4.9)
- Maximum rate for sending ICMP_PARAMETERPROB packets. These packets are sent when a packet arrives with an invalid IP header.
- icmp_ratelimit (integer; default: 1000; since Linux 2.4.10)
- Limit the maximum rates for sending ICMP packets whose type matches icmp_ratemask (see below) to specific targets. 0 to disable any limiting, otherwise the minimum space between responses in milliseconds.
- icmp_ratemask (integer; default: see below; since Linux 2.4.10)
- Mask made of ICMP types for which rates are being limited.
- Significant bits: IHGFEDCBA9876543210
- Bit definitions (see the Linux kernel source file include/linux/icmp.h):
|0 Echo Reply|
|3 Destination Unreachable *|
|4 Source Quench *|
|8 Echo Request|
|B Time Exceeded *|
|C Parameter Problem *|
|D Timestamp Request|
|E Timestamp Reply|
|F Info Request|
|G Info Reply|
|H Address Mask Request|
|I Address Mask Reply|
- icmp_timeexceed_rate (Linux 2.2 to 2.4.9)
- Maximum rate for sending ICMP_TIME_EXCEEDED packets. These packets are sent to prevent loops when a packet has crossed too many hops.
- ping_group_range (two integers; default: see below; since Linux 2.6.39)
- Range of the group IDs (minimum and maximum group IDs, inclusive) that are allowed to create ICMP Echo sockets. The default is "1 0", which means no group is allowed to create ICMP Echo sockets.