How to disable ICMP ping replies (linux)
Few weeks ago during server setup phase for one of my project, I notice there is no
ping replies from server and some port are not able to access.
I told the network engineer to check and seem they blocking the ports and disabling ICMP replies from their firewall configuration.
From that accident I do some google-fu if I can do same thing for personal computer / server. We can setting the
kernel variable or use
iptable to disable
ICMP / ping replies if requested.
Temporarily disable ICMP / ping replies
$ su - echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all # This instructs the kernel to simply ignore all ping requests # 1 = ignore ping requests and 0 = allow ping request
$ iptables -A INPUT -p icmp -j DROP
Permanently disable ICMP / ping replies
To disable ping requests permanently, add this line into your
net.ipv4.icmp_echo_ignore_all = 1
sysctl’s policy by
# sysctl -p.
Or save iptables rule by
# for distros with systemd /usr/libexec/iptables.init save # for all other distros service iptables save # univeral way: edit main config by yourself vim /etc/sysconfig/iptables