----- Original Message ----- From: "Klemen Kecman" <klemen@xxxxxxxx> To: <markee@xxxxxxxxxxxxxxx> Sent: Tuesday, February 03, 2004 9:01 AM Subject: Re: ICMP Rule Problem > Not allowing ICMP type 8 goes in to INPUT chain > Not allowing ICMP type 0 goes in to the OUTPUT chain > > First is sane .. but second is kinda not good .. unless it has specific > purpose. > > ----- Original Message ----- > From: "Mark E. Donaldson" <markee@xxxxxxxxxxxxxxx> > To: "'David C. Hart'" <dch@xxxxxxxxxxx>; "'Iptables Mailing List'" > <netfilter@xxxxxxxxxxxxxxxxxxx> > Sent: Tuesday, February 03, 2004 7:36 AM > Subject: RE: ICMP Rule Problem > > > > ICMP Type 0 is an echo reply. Request (ping) is Type 8. > > > > -----Original Message----- > > From: David C. Hart [mailto:dch@xxxxxxxxxxx] > > Sent: Monday, February 02, 2004 9:03 AM > > To: Iptables Mailing List > > Subject: ICMP Rule Problem > > > > Should this not reject echo requests? > > > > -A INPUT -p icmp -m icmp --icmp-type 0 -j REJECT --reject-with > > icmp-net-prohibited > > > > It doesn't seem to work. > > > > --------- > > Quality Management - A Commitment to Excellence > > > > > > >
