LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 07-10-2014, 07:05 PM   #1
Taimur
LQ Newbie
 
Registered: Jun 2006
Posts: 9

Rep: Reputation: 0
Blocking incoming ICMP of host-only adapter (VMWare)


Here is the network information:

Router:
-------
eth0 [Bridged] : 172.18.25.2/24 [Gateway: 172.18.25.1]
eth1 [Host-Only]: 192.168.140.10


Linux Machine 1:
----------------
eth0 [Host-Only]: 192.168.140.201 [GW: 192.168.140.10]


Firewall Rules for Router:
# iptables -A FORWARD -p icmp --out-interface eth0 -j DROP
# iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE


Internet is working fine on Linux Test Machine. Now, I've blocked out-going icmp request on my network (so users can't ping any internet IP address).

I want to block incoming icmp traffic (which is coming from one machine to another within this network). Example:

A windows machine (with host-only network 192.168.140.225) shouldn't be able to ping my Linux Machine (192.168.140.201).

Please note that I'm doing this on VMWare only for testing purpose before I implement it on physical machines & devices.

Please advice, how do I block all incoming ICMP traffic to host-only adapters?

Regards,

Taimur
 
Old 07-11-2014, 05:28 PM   #2
smallpond
Senior Member
 
Registered: Feb 2011
Location: Massachusetts, USA
Distribution: CentOS 6 & 7
Posts: 3,233

Rep: Reputation: 878Reputation: 878Reputation: 878Reputation: 878Reputation: 878Reputation: 878Reputation: 878
Why would you do this? You will be blocking path MTU discovery, for example. Did you read an article somewhere that said ICMP is evil? Please don't post back here in the future when you have weird hard-to-debug network problems.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
UFW blocking certain incoming requests and not sure why smells_of_elderberries Linux - Security 10 04-02-2013 07:19 PM
Perl program to listen for incoming ICMP data systemlordanubis Programming 3 02-29-2012 05:04 AM
Blocking all incoming email attachments eyedrinkvenom Linux - Software 1 10-31-2010 05:37 AM
Blocking incoming trafic on port 80 NeoNecro Linux - Networking 2 11-19-2007 02:30 PM
Blocking ICMP requests metallica1973 Linux - Security 4 04-02-2006 01:48 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 09:19 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration