Because ping is a PROTOCOL called ICMP. It has two different packet types, ICMP type 0 and 8. 0 == Reply 8 == Request Hence, if you want to ping the system, you should add the ability for those protocols to be accepted. iptables -A INPUT -p icmp --icmp-type 8 -j ACCEPT Please do SOME research before asking such elementary questions on a tools list. This is not a networking newbie list (although there really should be one somewhere). This is for netfilter related material, but what you seem to lack is a general misunderstanding of networks. Arr. I've gotten a lot more impatient with ppl ever since I got a junior admin... Sorry man, I know you're just learning and all. -----Original Message----- From: Jeffrin [mailto:jeffrin@xxxxxxxxxxx] Sent: Monday, December 08, 2003 11:45 AM To: Antony Stone Cc: netfilter@xxxxxxxxxxxxxxxxxxx Subject: Re: iptables related hello , iptables -P INPUT DROP iptables -A INPUT -p tcp --sport 80 -j ACCEPT Iam not able to ping. why ?
