diff options
| -rw-r--r-- | Documentation/networking/ip-sysctl.rst | 6 | ||||
| -rw-r--r-- | net/ipv4/icmp.c | 4 |
2 files changed, 5 insertions, 5 deletions
diff --git a/Documentation/networking/ip-sysctl.rst b/Documentation/networking/ip-sysctl.rst index 9c90333530fa..d1eeb5323af0 100644 --- a/Documentation/networking/ip-sysctl.rst +++ b/Documentation/networking/ip-sysctl.rst @@ -1758,14 +1758,14 @@ icmp_msgs_per_sec - INTEGER controlled by this limit. For security reasons, the precise count of messages per second is randomized. - Default: 1000 + Default: 10000 icmp_msgs_burst - INTEGER icmp_msgs_per_sec controls number of ICMP packets sent per second, - while icmp_msgs_burst controls the burst size of these packets. + while icmp_msgs_burst controls the token bucket size. For security reasons, the precise burst size is randomized. - Default: 50 + Default: 10000 icmp_ratemask - INTEGER Mask made of ICMP types for which rates are being limited. diff --git a/net/ipv4/icmp.c b/net/ipv4/icmp.c index a62b4c4033cc..1cf9e391aa0c 100644 --- a/net/ipv4/icmp.c +++ b/net/ipv4/icmp.c @@ -1727,8 +1727,8 @@ static int __net_init icmp_sk_init(struct net *net) net->ipv4.sysctl_icmp_ratemask = 0x1818; net->ipv4.sysctl_icmp_errors_use_inbound_ifaddr = 0; net->ipv4.sysctl_icmp_errors_extension_mask = 0; - net->ipv4.sysctl_icmp_msgs_per_sec = 1000; - net->ipv4.sysctl_icmp_msgs_burst = 50; + net->ipv4.sysctl_icmp_msgs_per_sec = 10000; + net->ipv4.sysctl_icmp_msgs_burst = 10000; return 0; } |