Few days ago I was dealing with SYSCTL (man sysctl) utility and I was looking for a certain kernel parameter, I wish to set it on the fly and I’ve found other useful information too.
sysctl is used to modify kernel parameters at runtime, one of these parameter could be ping daemon response, if you want to disable ping reply on your network you just simply need to issue something like:
~# sysctl -w net.ipv4.icmp_echo_ignore_all=1
net.ipv4.icmp_echo_ignore_all = 1
(root access required)
Now try to ping your machine, no replies at all, look nice isn’t it ?
To re-enable ping reply just issue:
~# sysctl -w net.ipv4.icmp_echo_ignore_all=0
net.ipv4.icmp_echo_ignore_all = 0
(root access required)
-w flag is used if you want to change some settings, take a look at kernel flags you can set at runtime (linux sources)
Ben
