Re: blocking icmp protocol

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

i can't disable the icmp with iptables
i made the following command

iptables -A INPUT -p icmp -s 192.168.1.125 -j DROP

but still  this ip can ping my host
Using iptables -A "appends" the rule to your INPUT chain. Iptables uses a "first match wins" approach. By appending this rule to the input chain, you are allowing all other existing rules to make a decision about these packets before the rule you are adding. 

Try changing your rule to this:

iptables -I INPUT -p icmp -s 192.168.1.125 -j DROP
This will "insert" the rule at the top of the INPUT chain, instead of appending it at the bottom. 

Hope this helps.

Barry

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]

  Powered by Linux