How to disable ICMP ping replies (linux)
Few weeks ago during server setup phase for one of my project, I notice there is no ICMP
or ping
replies from server and some port are not able to access.
I told the network engineer to check and seem they blocking the ports and disabling ICMP replies from their firewall configuration.
From that accident I do some google-fu if I can do same thing for personal computer / server. We can setting the kernel variable
or use iptable
to disable ICMP / ping
replies if requested.
Temporarily disable ICMP / ping replies
$ su -
echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
# This instructs the kernel to simply ignore all ping requests
# 1 = ignore ping requests and 0 = allow ping request
or
$ iptables -A INPUT -p icmp -j DROP
Permanently disable ICMP / ping replies
To disable ping requests permanently, add this line into your /etc/sysctl.conf
file:
net.ipv4.icmp_echo_ignore_all = 1
And reload sysctl
’s policy by # sysctl -p
.
Or save iptables rule by
# for distros with systemd
/usr/libexec/iptables.init save
# for all other distros
service iptables save
# univeral way: edit main config by yourself
vim /etc/sysconfig/iptables
Related Posts
Other posts you may be interested in:
IndieWeb Interactions
Below you can find the interactions that this page has had using Indieweb. Which means, you can mentioned this URL on any website that support WebMention. Have you written a response to this post? Let me know the URL:
((Do you use a website that do not set up with WebMention capabilities? You can use Comment Parade.)