Blocking incoming ICMP on host-only adapter (VMware)
Here is the network information:
Router:
-------
eth0 [Bridged] : 172.18.25.2/24 [Gateway: 172.18.25.1]
eth1 [Host-Only]: 192.168.140.10
Linux Machine 1:
----------------
eth0 [Host-Only]: 192.168.140.201 [GW: 192.168.140.10]
Firewall Rules for Router:
# iptables -A FORWARD -p icmp --out-interface eth0 -j DROP
# iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
Internet is working fine on the Linux test machine. Now, I've blocked outgoing ICMP requests on my network (so users can't ping any internet IP address).
I want to block incoming ICMP traffic (which is coming from one machine to another within this network). Example:
A Windows machine (with host-only network 192.168.140.225) shouldn't be able to ping my Linux machine (192.168.140.201).
Please note that I'm doing this on VMware only for testing purposes before I implement it on physical machines & devices.
Please advise: how do I block all incoming ICMP traffic to host-only adapters?
Regards,
Taimur
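
Added example, not part of the original post: pings between 192.168.140.225 and 192.168.140.201 are delivered directly on the host-only segment and never pass through the router's FORWARD chain, so the filter has to sit in the INPUT chain of each Linux host. Assumptions: the host-only network is a /24 (the post gives no mask), and the function name `icmp_input_rules` and the `--apply` switch are hypothetical names chosen for this sketch.

```shell
#!/bin/sh
# Run on each host-only Linux machine (e.g. 192.168.140.201), not on the router.

LAN_IF="eth0"                # host-only interface on this machine (from the post)
LAN_NET="192.168.140.0/24"   # assumed /24; the post does not state the mask

# Print the iptables commands for one host.
#   $1 = interface, $2 = source network,
#   $3 = "echo" (drop only ping requests, default) or "all" (drop every ICMP type)
icmp_input_rules() {
    ifc=$1; net=$2; mode=${3:-echo}
    case "$mode" in
        echo) match="-p icmp --icmp-type echo-request" ;;
        all)  match="-p icmp" ;;
        *)    echo "unknown mode: $mode" >&2; return 1 ;;
    esac
    # Accept replies and ICMP errors that belong to traffic this host started.
    # In "all" mode they would otherwise be dropped by the next rule, breaking
    # the host's own pings and path-MTU discovery.
    echo "iptables -A INPUT -i $ifc -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Drop new ICMP arriving from other machines on the host-only segment.
    echo "iptables -A INPUT -i $ifc -s $net $match -j DROP"
}

# Without arguments the script only defines the function; with --apply it
# installs the rules (root required). Optional second argument: echo | all.
if [ "${1:-}" = "--apply" ]; then
    [ "$(id -u)" -eq 0 ] || { echo "must be root" >&2; exit 1; }
    icmp_input_rules "$LAN_IF" "$LAN_NET" "${2:-echo}" | sh -e
fi
```

Calling `icmp_input_rules eth0 192.168.140.0/24` prints the two commands for review before anything is changed; `iptables -L INPUT -v -n` on the host then shows the packet counters rising on the DROP rule when another machine on the segment pings it.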