Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 04-01-2006, 12:54 PM   #1
Senior Member
Registered: Feb 2003
Location: Washington D.C
Posts: 2,163

Rep: Reputation: 59
Blocking ICMP requests

Even though I issue this statement is IPTABLES:




My firewall is still replying to requests. Any suggestions?
Old 04-01-2006, 01:01 PM   #2
Senior Member
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,125

Rep: Reputation: 164Reputation: 164
Those rules look OK so I'm not sure what's going wrong. I use -t filter as well in my rules, but since that's the default table you don't have to have it there, e.g.:
iptables -t filter -A INPUT -p ICMP -i ${EXT_IF} -j DROP
However, if you're using sysctl, you can add the following to /etc/sysctl.conf and then run sysctl -p to turn off ping responses:
net.ipv4.icmp_echo_ignore_all = 1
Old 04-01-2006, 05:13 PM   #3
Registered: Feb 2005
Location: Ottawa/Montréal
Distribution: Slackware + Darwin (MacOS X)
Posts: 468

Rep: Reputation: 30

There are also kernel parameters here
Old 04-02-2006, 06:51 AM   #4
LQ Newbie
Registered: Apr 2006
Posts: 12

Rep: Reputation: 0
Try using this command : -
iptables -I INPUT -p icmp -j REJECT -t mangle

Also as mentioned the kernel parameter /proc/sys/net/ipv4/icmp_echo_ignore_all is the best way to stop the ping at the kernel level.
Old 04-02-2006, 12:48 PM   #5
Senior Member
Registered: Feb 2003
Location: Washington D.C
Posts: 2,163

Original Poster
Rep: Reputation: 59
I have never seen this before but what had happenned was this. It was my VOIP modem/router that sits in front of my network that was and still is allowing ICMP replys. It was setup on gateway mode and it has telnet running on it thus allowing port 23 to be open. What I cant figure out is how that was allowing other ports that were blocked by my firewall to be allowed through? I called my VOIP provider and they said that those services could not be disabled.Can anybody please explain.

Last edited by metallica1973; 04-02-2006 at 01:54 PM.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Firewall blocking some POP3 requests Funky D Linux - Networking 5 09-23-2005 04:21 PM
ICMP traffic archives/writing ICMP traffic in a file maia_1 Programming 0 07-20-2004 03:43 AM
Problem of blocking ICMP packets while calculating Path MTU myself_rajat Linux - Networking 3 05-11-2004 12:47 AM
blocking DHCP requests jjfate Linux - Networking 4 06-20-2003 01:49 PM
ICMP packet requests Ch@meleon Linux - General 0 11-29-2001 12:03 PM

All times are GMT -5. The time now is 04:29 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration