At times I am getting a lot of activity in the firewall logs. I assume
this is a Dos attack with icmp? Am I correct? Also what is the best
way to stop this from happening? I do not let this traffic through,
however the load on the firewall becomes so high that WAN access is
slowed to a crawl. Below is one of many identical entries.
11:06:03.544257 sis1 @0:19 b 220.127.116.11 -> 0.0.0.0 PR icmp len 20 56
icmp timxceed/transit for 0.0.0.0 - 18.104.22.168 PR icmp len 20 56 icmp