Originally Posted by email@example.com
Chain INPUT (policy ACCEPT)
target prot opt source destination
REJECT all -- 192.168.1.112 anywhere reject-with icmp-port-unreachable
it will block icmp protocol only
No, this line means ALL packets coming from this address are rejected. 'icmp-port-unreachable' is the method used for rejection. It is default behavior for hosts without a firewall when there is just nothing listening on that port, so iptables emulates this behavior. That's a good idea because it hides the fact you are using a firewall. The alternative would be DROP instead of REJECT; DROP will just never reply. If any other ports on your box DO reply, an attacker will know you are using some firewall.
BTW, DROP makes a good policy (better than ACCEPT), so you can write rules to only allow what you want to allow. This is much more secure.