[Ilugc] Problem with Ping

• From: kicha@xxxxxxxxxxxxx (Krishna Raj Raja)
• Date: 10 Jul 2002 08:55:18 +0530

On Tue, 2002-07-09 at 19:28, P. Sriram wrote:

On Tue, 9 Jul 2002, S Mohan wrote:

try
/sbin/ipchains -A input -i <enet> -p icmp -j ACCEPT
/sbin/ipchains -A output -i <enet> -p icmp -j ACCEPT

[as solution to ping not working on firewalled machine]

this may work, but is rather broad. presumably, the machine is firewalled 
for a reason. this essentially removes icmp from all the firewalling 
rules. if someone could point at the icmp ping 'port', the above command 
can be modified to open only that 'port' by using an appropriate -s (or 
--destination-port) option.

sriram

Where does ports come into picture in ICMP protocol (network layer)

ICMP packets should be firewalled based on the message they carry,
to see the list of ICMP messages try
# ipchains -h ICMP

for ping to be disabled ICMP echo message has to be blocked,.

Blocking other ICMP messages will lead to serious network
performance degradation, 
and I guess that any good sysadmin wont do that

-kicha

• Follow-Ups:
  • [Ilugc] Problem with Ping
    • From: P. Sriram

• References:
  • [Ilugc] Problem with Ping
    • From: P. Sriram

Other related posts:

• » [Ilugc] Problem with Ping- Manikandan.P
• » [Ilugc] Problem with Ping- <mail2hemanth@xxxxxxxxxxxxxx (hemanthzone)
• » [Ilugc] Problem with Ping- Bharathi S
• » [Ilugc] Problem with Ping- S Mohan
• » [Ilugc] Problem with Ping- S Mohan
• » [Ilugc] Problem with Ping- P. Sriram
• » [Ilugc] Problem with Ping - Krishna Raj Raja
• » [Ilugc] Problem with Ping- P. Sriram

1. Home
2. ilugc
3. Archive
4. 07-2002

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---