From: Evan T. <et...@gm...> - 2005-01-13 01:27:21
I have the following rules in rc.firewall.local that should allow
requested icmp traffic through, but block all other icmp traffic. Do I
have these rules correct? It is still responding to an icmp ping....
/sbin/iptables -A CUSTOMINPUT -p icmp --icmp-type echo-reply -s 0/0 -i $RED_DEV -j ACCEPT
/sbin/iptables -A CUSTOMINPUT -p icmp --icmp-type destination-unreachable -s 0/0 -i $RED_DEV -j ACCEPT
/sbin/iptables -A CUSTOMINPUT -p icmp --icmp-type time-exceeded -s 0/0 -i $RED_DEV -j ACCEPT
/sbin/iptables -A CUSTOMINPUT -p icmp --icmp-type any -s 0/0 -i $RED_DEV -j DROP
--
-Evan Talley
et...@gm...
Network & Systems Administrator
Port Aransas Computer Center
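
A check that fits the symptom described above, added here as an example and not part of the original post: rules appended to CUSTOMINPUT only see packets that INPUT has not already decided, so this lists the INPUT rules ahead of the jump to CUSTOMINPUT that could match ICMP on the red interface. It assumes INPUT jumps to CUSTOMINPUT and that the input is `iptables-save` text; the ruleset, the interface name eth1 and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example. On a live system (assumption: run as root) the input would be:
#   iptables-save -t filter | icmp_before_custominput "$RED_DEV"

# Print, in order, every INPUT rule that sits before "-j CUSTOMINPUT" and
# could match ICMP arriving on the interface given as $1.
# Jumps to other chains are listed too, since a rule inside them may accept
# the packet. Further matches on a listed rule (state, source, negated
# interface) are not evaluated and still need to be read by hand.
icmp_before_custominput() {
    awk -v red="$1" '
    $1 == "-A" && $2 == "INPUT" {
        proto = ""; iface = ""; target = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-p") proto  = $(i + 1)
            if ($i == "-i") iface  = $(i + 1)
            if ($i == "-j") target = $(i + 1)
        }
        if (target == "CUSTOMINPUT") exit          # reached the jump: stop
        if (proto != "" && proto != "icmp" && proto != "1") next
        if (iface != "" && iface != red) next      # bound to another interface
        if (target != "" && target != "LOG") print # LOG does not end traversal
    }'
}

# Constructed ruleset, not taken from the poster's machine.
sample_ruleset() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:CUSTOMINPUT - [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -j CUSTOMINPUT
-A INPUT -p icmp -j DROP
-A CUSTOMINPUT -i eth1 -p icmp -m icmp --icmp-type 0 -j ACCEPT
COMMIT
EOF
}

sample_ruleset | icmp_before_custominput eth1
```

Any rule it prints is evaluated before the CUSTOMINPUT rules, so an ACCEPT there answers the ping regardless of the DROP appended to CUSTOMINPUT.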