gufw hide ip

Asked by Moti on 2008-11-16

Hello
How can I hide my IP?
I mean like dropping package and avoiding response for ping?
I can't see this option in gufw, I guess it was it the previous version.
Thanks

Question information

Language:
English Edit question
Status:
Solved
For:
Gufw Edit question
Assignee:
No assignee Edit question
Solved by:
Moti
Solved:
2008-11-16
Last query:
2008-11-16
Last reply:
2008-11-16
Soul-Sing (soulzing) said : #1

indeed in the first package is was possible to avoid ping-reponse.
this possibility is dropped....

Vadim Peretokin (vperetokin) said : #2

It had to be removed because of the Ubuntu Policy rules and ufw doing this
wrongly.

Until 'ufw' fixes it, it unfortunately won't be possible to add this back as
it would violate the policy then.

Moti (mm2sa) said : #3

Is it possible to add this rule manually?

Soul-Sing (soulzing) said : #4

no, firestarter can do this for you.

Moti (mm2sa) said : #5

Thank you

costales (costales) said : #6

Hi! For hide ip manually:
$ sudo nano /etc/ufw/before.rules
Replace:
-A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT
by:
#-A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT
Save file and exit.

Restart ufw with:
sudo /etc/init.d/ufw restart
Best regards.

Soul-Sing (soulzing) said : #7

that option isnĀ“t in the graf. interface of gufw.

Vadim Peretokin (vperetokin) said : #8

Yes, because as explained before, this would violate the ubuntu policy for
packages.

Soul-Sing (soulzing) said : #9

: Enable PING

(Note: Security by obscurity may be of very little actual benefit with modern cracker scripts. By default, UFW blocks ping requests. You may find you wish to enable ping to diagnose networking problems.)

You need to edit /etc/ufw/before.rules and remove the commment on this line (remove the # in the front)

-A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT
----------------------------------------------------------------------------------------------------------------------------------------------------------------
marcos this: Hi! For hide ip manually:
$ sudo nano /etc/ufw/before.rules
Replace:
-A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT
by:
#-A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT

seems incorrect to me.....
 By default, UFW blocks ping requests

Soul-Sing (soulzing) said : #10

to block ip:

You need to edit /etc/ufw/before.rules and add a section "Block IP" after "Drop INVALID packets" :

-A ufw-before-input -s 111.222.3.44 -j DROP #Assuming no loging is desired of course)
# drop INVALID packets
# uncomment to log INVALID packets
#-A ufw-before-input -m conntrack --ctstate INVALID -j LOG --log-prefix "[UFW B$
-A ufw-before-input -m conntrack --ctstate INVALID -j DROP

# Block IP
# This it is efective :)
-A ufw-before-input -s 111.222.3.44 -j DROP