Am 10.10.2013 06:45, schrieb Adam Carter: > There might have been a icmp redirect from 10.96.25.1 telling ipfire that > there's a better way to get to that network, and its via 10.96.25.2. > > On my system it seems to be off by default (I havent set it in > /etc/sysctl.conf) which makes sense as redirects can be used for MITM > attacks. > $ cat /proc/sys/net/ipv4/conf/all/accept_redirects > 0
So I would have to check that on the router? Or both? Just will check both, sure ... Could this lead to mislead keepalive packets from libvirtd? Maybe I should ask their network-admins for more details ... huge company, unknown structures ;-) Thanks, Stefan
