blocking icmp protocol
Lord of Gore
lordofgore at logsoftgrup.ro
Mon Dec 18 19:10:56 UTC 2006
John O'Loughlin wrote:
>
> filter is the default table so -t filter is not needed, also this will
> drop all icmp from everywhere, which may not be what he wants.
>
> If the host can still ping you it may well be the case that an earlier
> rule is allowing them to do so, remember iptables works on a first
> match basis.
>
> John
Well although it pleases my heart to see a professional answer I must
say that you discarded the first obvious reason: he's not pinging from
the 192.168.1.125's subnet... :)
>
> On Sun, 17 Dec 2006, Waleed Harbi wrote:
>
>> iptables -t filter -A INPUT -p icmp -i eth0 -j DROP
>>
>> On 12/17/06, tamer amr <tamer_linux at yahoo.com> wrote:
>>>
>>> hi
>>>
>>> i can't disable the icmp with iptables
>>> i made the following command
>>>
>>> iptables -A INPUT -p icmp -s 192.168.1.125 -j DROP
>>>
>>> but still this ip can ping my host
>>>
>>> thank you
>>>
>>> __________________________________________________
>>> Do You Yahoo!?
>>> Tired of spam? Yahoo! Mail has the best spam protection around
>>> http://mail.yahoo.com
>>> --
>>> redhat-list mailing list
>>> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>>> https://www.redhat.com/mailman/listinfo/redhat-list
>>>
>>
>>
>>
>> --
>> :. Best Wishes
>> :. Waleed Harbi
>> ---------------------------------------------
>> :. Never too old to learn
>> :. Every why has a wherefore
>> :. Grasp all, lose all
>> --
>> redhat-list mailing list
>> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>> https://www.redhat.com/mailman/listinfo/redhat-list
>>
>
More information about the redhat-list
mailing list