The server console keeps scrolling the following message (it is also written to /var/log/messages as a kernel log entry):
xxx.xxx.xxx.xxx sent an invalid ICMP type 11, code 0 error to a broadcast: xxx.xxx.xxx.xxx
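I actually noticed this problem a long time ago but never paid it much attention; today I decided to get it fixed.
First I set up iptables to drop the outgoing ICMP packets, but that had no effect. So I had to turn to Google.
I googled the keywords: sent an invalid "icmp type 11".
One result was a newsgroup/mailing-list post where someone had run into the same problem (so it seems to be a typical one), and someone proposed a solution: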
I don't know what's going on either, but I added the line:
net.ipv4.icmp_ignore_bogus_error_responses = 1
to /etc/sysctl.conf, which doesn't deal with the underlying cause
(whatever it is) but does get the kernel to shut up about it and stop
flooding the logs. I haven't noticed any ill effects so far.
Ewan
Another result was https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=111681, on Red Hat's official site, which states that this is a bug. A later comment there also explains the cause:
I've also seen this on 2.4.21-4.EL. The problem is that you have
some device on your network that incorrectly sends an ICMP time
exceeded response to broadcasts where ttl == 0. The linux kernel
reports such bogus messages in the system log by default.
The code that actually does the logging was updated to be more
verbose sometime between 2.4.19 and 2.4.21 I think, but unfortunately
the update introduced a bug so that the log message incorrectly lists
the destination address as the source address of the bogus message!
So you cannot find the bad device with the information in the log
message. You have to use a network packet sniffer instead.
To get the correct address of the bad packet the kernel must be fixed
(see included mail below)
You can also try to find the bad device with send out the packages
It is also possible to turn off logging of bad ICMP packages in the
linux kernel if you just think the messages are annoying.
Do:
# /sbin/sysctl -w net.ipv4.icmp_ignore_bogus_error_responses=1
or put it in /etc/sysctl.conf if you want it permanently.
/Leif
This bug has been fixed in kernel-2.4.21-9.EL. You can upgrade the kernel or apply the patch package to resolve it.
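Since the log line on affected kernels cannot be trusted for the sender's address, the misbehaving device has to be found from captured packets, as the Bugzilla comment says. The following is an added example, not code from the original post or from the kernel: it reads the true source address from the IPv4 header of ICMP type 11, code 0 messages sent to a broadcast address. The function names, the 192.0.2.0/24 documentation-range addresses and the sample packets are constructed for illustration, and the ICMP payload is simplified to the 8-byte header.

```python
import ipaddress
import struct

ICMP_TIME_EXCEEDED = 11  # the "ICMP type 11" from the kernel message


def build_packet(src, dst, icmp_type, icmp_code):
    """Build a minimal IPv4+ICMP packet (constructed sample data, checksums left 0)."""
    icmp = struct.pack("!BBHI", icmp_type, icmp_code, 0, 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, 64, 1, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    return ip + icmp


def find_bogus_senders(packets, local_net):
    """Return true source IPs of ICMP type 11 code 0 errors sent to a broadcast address."""
    net = ipaddress.IPv4Network(local_net)
    broadcasts = {net.broadcast_address, ipaddress.IPv4Address("255.255.255.255")}
    senders = []
    for pkt in packets:
        if len(pkt) < 20 or pkt[0] >> 4 != 4:      # too short or not IPv4
            continue
        ihl = (pkt[0] & 0x0F) * 4                  # IP header length in bytes
        if ihl < 20 or len(pkt) < ihl + 2 or pkt[9] != 1:  # protocol 1 = ICMP
            continue
        src = ipaddress.IPv4Address(pkt[12:16])    # real sender, read from the IP header
        dst = ipaddress.IPv4Address(pkt[16:20])
        icmp_type, icmp_code = pkt[ihl], pkt[ihl + 1]
        if icmp_type == ICMP_TIME_EXCEEDED and icmp_code == 0 and dst in broadcasts:
            senders.append(str(src))
    return senders


# Constructed sample capture (not real traffic)
SAMPLE = [
    build_packet("192.0.2.7", "192.0.2.255", 11, 0),  # bogus: error sent to broadcast
    build_packet("192.0.2.9", "192.0.2.20", 11, 0),   # ordinary unicast time exceeded
    build_packet("192.0.2.7", "192.0.2.255", 8, 0),   # echo request to broadcast, not an error
    b"\x45\x00",                                       # truncated frame, skipped
]

if __name__ == "__main__":
    for ip in find_bogus_senders(SAMPLE, "192.0.2.0/24"):
        print("bogus ICMP time-exceeded to broadcast from", ip)
```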