Hello, > I have a Linux Box as a Gateway of my network. And i want do allow internal > machines to ping the Internet but i also want to block external machines to > ping my Gateway. Is this is possible plz send me something... Thanx. #let the internal net ping the world iptables -A FORWARD -p icmp -s $YOUR_NET -j ACCEPT #disallow the world to ping the gateway iptables -I INPUT -p icmp -d $GATEWAY_IP -j DROP Of course this is very rough, i do not know your rulesets, it is possible that it can be done better to suit your current chains and rules. Note, the -I INPUT - if we have other icmp rules, they may ACCEPT the pings earlier than if we had just appended the rule, hence we're inserting.
