LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > *BSD
Reload this Page Blockrule for ICMP??
User Name
Password
*BSD This forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.

Notices

Reply
 
LinkBack Search this Thread
Old 10-11-2009, 10:40 AM   #1
LuxLuv
LQ Newbie
 
Registered: Feb 2007
Location: Sweden
Distribution: CentOS, Suse, OpenBSD, Solaris, Slackware
Posts: 29

Rep: Reputation: 15
Blockrule for ICMP??

Hallo guys!

Does somebody have an great pf rule for disable my firewall to respond
to incomming imcp requests from internet. I have tried some, but it doesnīt work.

/Cy
 
Old 10-11-2009, 10:41 AM   #2
LuxLuv
LQ Newbie
 
Registered: Feb 2007
Location: Sweden
Distribution: CentOS, Suse, OpenBSD, Solaris, Slackware
Posts: 29

Original Poster
Rep: Reputation: 15
Forget to say, its a Openbsd of course =)
 
Old 10-11-2009, 11:01 PM   #3
rocket357
Member
 
Registered: Mar 2007
Location: 127.0.0.1
Distribution: OpenBSD-CURRENT
Posts: 460
Blog Entries: 67

Rep: Reputation: 70
Quote:
Originally Posted by LuxLuv View Post
Hallo guys!

Does somebody have an great pf rule for disable my firewall to respond
to incomming imcp requests from internet. I have tried some, but it doesnīt work.

/Cy
Something like this?

ext_if=bge0 # whatever your external interface is

block drop in quick on $ext_if proto { icmp, icmp6 }
Last edited by rocket357; 10-11-2009 at 11:12 PM.
 
Old 10-12-2009, 07:29 AM   #4
Fin7PL
Member
 
Registered: Mar 2005
Location: Finland
Distribution: FreeBSD 7.2
Posts: 59

Rep: Reputation: 16
In options, to make your firewall not to respond anything

Code:
set block-policy drop
And you shouldnīt answer to anything if you have the "first" firewallrule to
Code:
block log all
So IF you havenīt ENABLED incoming ICMP it should block it. You donīt need to block it separately.

also i recommend reading to properly configure -> http://www.openbsd.org/faq/pf/
Last edited by Fin7PL; 10-12-2009 at 07:32 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
About ICMP Ephracis Linux - Networking 1 11-22-2004 08:01 AM
ICMP traffic archives/writing ICMP traffic in a file maia_1 Programming 0 07-20-2004 03:43 AM
What is ICMP? codedv Linux - Networking 2 01-04-2004 10:12 AM
icmp settings chapzilla Linux - Networking 2 08-07-2003 10:44 AM
Icmp mikeyt_3333 Linux - Security 1 08-09-2001 05:40 AM


All times are GMT -5. The time now is 08:29 AM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
 
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration