我们正在遭受严重的icmp洪水攻击。Tcpdump 显示了下面的结果。尽管我们已经使用 iptables tcpdump 阻止了 ICMP,但仍然会打印 icmp 数据包。我还附上了 iptables 配置和“顶级”结果。有什么办法可以完全阻止 icmp 数据包吗?
[root@server downloads]# tcpdump icmp -v -n -nn
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
03:02:47.810957 IP (tos 0x0, ttl 49, id 16007, offset 0, flags [none], proto: ICMP (1), length: 56) 80.227.64.183 > 77.92.136.196: ICMP redirect 94.201.175.188 to host 80.227.64.129, length 36
IP (tos 0x0, ttl 124, id 31864, offset 0, flags [none], proto: ICMP (1), length: 76) 77.92.136.196 > 94.201.175.188: [|icmp]
03:02:47.811559 IP …