LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Other *NIX Forums > *BSD
Reload this Page Blockrule for ICMP??
User Name
Password
*BSD This forum is for the discussion of all BSD variants.
FreeBSD, OpenBSD, NetBSD, etc.

Notices

Reply
 
Thread Tools
Old 10-11-2009, 11:40 AM   #1
LuxLuv
LQ Newbie
 
Registered: Feb 2007
Posts: 20
Thanked: 0
Blockrule for ICMP??

[Log in to get rid of this advertisement]
Hallo guys!

Does somebody have an great pf rule for disable my firewall to respond
to incomming imcp requests from internet. I have tried some, but it doesnīt work.

/Cy
windows_xp_2003 LuxLuv is offline     Reply With Quote
Old 10-11-2009, 11:41 AM   #2
LuxLuv
LQ Newbie
 
Registered: Feb 2007
Posts: 20
Thanked: 0

Original Poster
Forget to say, its a Openbsd of course =)
windows_xp_2003 LuxLuv is offline     Reply With Quote
Old 10-12-2009, 12:01 AM   #3
rocket357
Member
 
Registered: Mar 2007
Location: 127.0.0.1
Distribution: OpenBSD-CURRENT
Posts: 459
Blog Entries: 19
Thanked: 6
Quote:
Originally Posted by LuxLuv View Post
Hallo guys!

Does somebody have an great pf rule for disable my firewall to respond
to incomming imcp requests from internet. I have tried some, but it doesnīt work.

/Cy
Something like this?

ext_if=bge0 # whatever your external interface is

block drop in quick on $ext_if proto { icmp, icmp6 }
Last edited by rocket357; 10-12-2009 at 12:12 AM..
unknown rocket357 is offline     Reply With Quote
Old 10-12-2009, 08:29 AM   #4
Fin7PL
Member
 
Registered: Mar 2005
Location: Finland
Distribution: FreeBSD 7.2
Posts: 59
Thanked: 1
In options, to make your firewall not to respond anything

Code:
set block-policy drop
And you shouldnīt answer to anything if you have the "first" firewallrule to
Code:
block log all
So IF you havenīt ENABLED incoming ICMP it should block it. You donīt need to block it separately.

also i recommend reading to properly configure -> http://www.openbsd.org/faq/pf/
Last edited by Fin7PL; 10-12-2009 at 08:32 AM..
windows_xp_2003 Fin7PL is offline     Reply With Quote

Reply

Bookmarks


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
About ICMP Ephracis Linux - Networking 1 11-22-2004 09:01 AM
ICMP traffic archives/writing ICMP traffic in a file maia_1 Programming 0 07-20-2004 04:43 AM
What is ICMP? codedv Linux - Networking 2 01-04-2004 11:12 AM
icmp settings chapzilla Linux - Networking 2 08-07-2003 11:44 AM
Icmp mikeyt_3333 Linux - Security 1 08-09-2001 06:40 AM


All times are GMT -5. The time now is 02:14 AM.

Contact Us - Advertising Info - Rules - LQ Merchandise - Donations - Contributing Member - LQ Sitemap - LinuxQuestions.org - Linux Forums
Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
RSS2  LQ Podcast
RSS2  LQ Radio
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: @linuxquestions
Open Source Consulting | Domain Registration