Can I block ICMP echo request?
I have blocked all ports with "ufw default deny".
But it still allows ICMP echo requests to my system, which my system gladly replies to with an ICMP echo reply.
Is it possible to block ICMP echo request?
Question information
- Language: English
- Status: Solved
- For: ufw
- Assignee: No assignee
- Solved by: Jamie Strandboge
- Solved: 2008-03-08
- Last query: 2008-03-08
- Last reply: 2008-03-08
| #1 |
Yes, but not with the ufw front-end. Look in /etc/ufw/
-A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT
| Fred (eldmannen+launchpad) said : | #2 |
Hmm, perhaps it's a bit tricky for most users to edit configuration files, and know where to find the rules...
But now when I know how to do it, and where the files are, I can do that. :)
| Fred (eldmannen+launchpad) said : | #3 |
Thanks Jamie Strandboge, that solved my question.
| Lee Hopper (leehopp) said : | #4 |
Didn't work for me - running Ubuntu 8.04, tested with Shields Up - still says my computer is responding to ping requests.
Any ideas?
Here's the part of the file /etc/ufw/
# ok icmp codes
-A ufw-before-input -p icmp --icmp-type destination-
-A ufw-before-input -p icmp --icmp-type source-quench -j ACCEPT
-A ufw-before-input -p icmp --icmp-type time-exceeded -j ACCEPT
-A ufw-before-input -p icmp --icmp-type parameter-problem -j ACCEPT
# Don't allow ping requests:
# -A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT
| Serpentine (ale-diaria) said : | #5 |
Try disabling and re-enabling the firewall after saving the before.rules file. If you restarted your PC since you changed the file, it should be working.
sudo ufw disable
sudo ufw enable
| Lee Hopper (leehopp) said : | #6 |
Serpentine -
Thank you for the response to my question. I tried your suggestion (also
rebooted) to no avail.
Then I checked my setup in WinXP (my machine dual boots) and am having
the same problem there: McAfee firewall set up for NO pings but pings
being answered anyway according to ShieldsUP.
I read somewhere that a NAT router can answer ICMP calls by itself
without even passing them on to your computer. My modem box says
"Centurytel ADSL2/2+ NAT Combo 8/35 PPPOE". Maybe that's the culprit.
LeeH
| Serpentine (ale-diaria) said : | #7 |
Lee Hopper
It could be. Did you try to configure your router directly? Some of them have a hardware/software Firewall integrated to them.
You should be able to enter its configuration page through your web browser. Try entering 192.168.100.0 or 192.168.100.1, or similar. If one of those is the address, it might ask you for a username and password (in my case my ISP didn't have a username or password entered in my router (lucky me XD), so I just have to press "Accept, or OK"). If you don't know the username/password, call your ISP and ask them; if you're lucky, maybe they'll tell you...
Unfortunately can't help you any further, I've never configured a NAT router, but I can bet that someone else here can help you, or search for a tutorial on the web.
Good Luck! =)
Serpentine
Long since this has been answered, but I found that changing the line to:
-A ufw-before-input -p icmp --icmp-type echo-request -j DROP
then run the following:
sudo ufw disable
sudo ufw enable
did the trick for me !)
| Erik Sol (forum-ohi) said : | #9 |
Running Ubuntu 14.04 server:
I needed to change the FORWARD line to:
-A ufw-before-forward -p icmp --icmp-type echo-request -j DROP
With that it worked fine.
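A quick way to check which of the states discussed in this thread a rules file is in, for both the input and forward chains (added example, not part of the original thread or of ufw itself; the function names, output labels and sample file contents are constructed for illustration):

```shell
#!/bin/sh
# echo_request_state FILE CHAIN
# Prints how CHAIN treats ICMP echo-request in a ufw rules file:
#   ACCEPT / DROP / ... : target of the first active rule (first match wins)
#   commented           : the rule exists only as a comment
#   absent              : no such rule at all
# "commented" and "absent" both mean the packet falls through to later
# rules and finally to the default policy (e.g. "ufw default deny").
echo_request_state() {
    awk -v chain="$2" '
        index($0, "-A " chain " ") && /--icmp-type echo-request/ {
            if ($0 ~ /^[ \t]*#/) { commented = 1; next }
            # The target is the word following -j; keep only the first hit
            for (i = 1; i < NF; i++)
                if ($i == "-j" && active == "") active = $(i + 1)
        }
        END {
            if (active != "")   print active
            else if (commented) print "commented"
            else                print "absent"
        }
    ' "$1"
}

# audit_echo_rules FILE: one line per chain mentioned in the thread
audit_echo_rules() {
    for chain in ufw-before-input ufw-before-forward; do
        printf '%s: %s\n' "$chain" "$(echo_request_state "$1" "$chain")"
    done
}

# Constructed sample (not from a real host): the input rule is commented
# out as in reply #4, the forward rule is set to DROP as in reply #9.
sample=$(mktemp)
trap 'rm -f "$sample"' EXIT
cat > "$sample" <<'EOF'
# ok icmp codes
-A ufw-before-input -p icmp --icmp-type time-exceeded -j ACCEPT
# -A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT
-A ufw-before-forward -p icmp --icmp-type echo-request -j DROP
EOF
audit_echo_rules "$sample"
```

On a real system, pass the path of the before.rules file instead of the sample, and run `sudo ufw disable` and `sudo ufw enable` after any edit so the change is loaded.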
