πŸ“’ Actions Speak Louder Than Words!

How to disable ICMP ping replies (linux)

Posted: Dec 8, 2020 | Reading time: 1 min
⚠️ Warning: This post is over a year old, the information may be out of date.
πŸ“’ I’ve moved to a new website. Please visit me at https://journal.robbi.my !
post

Few weeks ago during server setup phase for one of my project, I notice there is no ICMP or ping replies from server and some port are not able to access.

I told the network engineer to check and seem they blocking the ports and disabling ICMP replies from their firewall configuration.

From that accident I do some google-fu if I can do same thing for personal computer / server. We can setting the kernel variable or use iptable to disable ICMP / ping replies if requested.

Temporarily disable ICMP / ping replies

$ su -
echo "1" >  /proc/sys/net/ipv4/icmp_echo_ignore_all
# This instructs the kernel to simply ignore all ping requests
# 1 = ignore ping requests and 0 = allow ping request

or

$ iptables -A INPUT -p icmp -j DROP

Permanently disable ICMP / ping replies

To disable ping requests permanently, add this line into your /etc/sysctl.conf file:

net.ipv4.icmp_echo_ignore_all = 1

And reload sysctl’s policy by # sysctl -p.

Or save iptables rule by

# for distros with systemd
/usr/libexec/iptables.init save

# for all other distros
service iptables save

# univeral way: edit main config by yourself
vim /etc/sysconfig/iptables

Edit

Have some thoughts, discussion or feedback on this post?
IndieWeb Interactions

Below you can find the interactions that this page has had using Indieweb. Which means, you can mentioned this URL on any website that support WebMention. Have you written a response to this post? Let me know the URL:

((Do you use a website that do not set up with WebMention capabilities? You can use Comment Parade.)