Hello,
I've added a route in e.smith configuration to reach an external news server, accessible thru another gateway/firewall (gnatbox) on my local lan.
It works, but icmp type 5 (redirect) is blocked by firewall, that's "normal"... e-smith is juste telling my workstation that this news server can be reached thru another gateway on local my local lan. And Ipchains blocks this...
Is ther any security problem possible if I accept icmp type 5 in Masq ?
40AllowICMPIn tells :
# We want to be very selective on the ICMPs we accept to stop
# route hijacking
Any idea ?
0 Replies
433 Views