Login or Register to Ask a Question and Join Our Community


UNIX for Advanced & Expert Users

iptables rule to block ping to internet

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users iptables rule to block ping to internet
# 1  
Old 11-22-2007
iptables rule to block ping to internet
I want to block ping on a linuxbox to any other address where it would go to the default gateway.

Code:
vmdebianamd64:/etc/tcng# route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
198.9.200.0     *               255.255.255.0   U     0      0        0 eth0
default         198.9.200.249   0.0.0.0         UG    0      0        0 eth0

i used
Code:
iptables -A OUTPUT -d 198.9.200.249 -j DROP

no i can't ping to 198.9.200.249 but i can still ping to -www.yahoo.com which is not on my network?
why and what solution
# 2  
Old 11-22-2007
Try this:

iptables -A OUTPUT -p icmp -o eth0 -j DROP
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Programming

Ping test sends mail when ping fails

help with bash script! im am working on this script to make sure my server will stay online, so i made this script.. HOSTS="192.168.138.155" COUNT=4 pingtest(){ for myhost in "$@" do ping -c "$COUNT" "$myhost" &&return 1 done return 0 } if pingtest $HOSTS #100% failed... (4 Replies)
Discussion started by: mort3924
4 Replies

2. UNIX for Dummies Questions & Answers

iptables rule to block access from VM Browser to Firewall Login Page

(1 Reply)
Discussion started by: senrabdet
1 Replies

3. Cybersecurity

iptables rule sanity check?

why would: iptables -A INPUT -s 180.0.0.0/8 -j DROP along with /etc/hosts.deny rule of ALL: 180.0.0.0/8 not stop traffic to/from 180.x.x.x, which I still see by running iftop? Or could iftop just be showing an artifact and is there a better way to monitor connections real-time? (3 Replies)
Discussion started by: unclecameron
3 Replies

4. Shell Programming and Scripting

Animation Ping on Solaris Like Cisco Ping

Hi, I develop simple animation ping script on Solaris Platform. It is like Cisco ping. Examples and source code are below. bash-3.00$ gokcell 152.155.180.8 30 Sending 30 Ping Packets to 152.155.180.8 !!!!!!!!!!!!!.!!!!!!!!!!!!!!!. % 93.33 success... % 6.66 packet loss...... (1 Reply)
Discussion started by: gokcell
1 Replies

5. IP Networking

iptables - most easy way to find rule and remove it?

I have situation where I have rules in iptables with comments. Now... I can for example enter rule like "iptables -A FORWARD -s xxx -j ACCEPT" and delete it with "iptables -D FORWARD -s xxx -j ACCEPT".. but if that rule contain some random comment (-m comment) then ... ? I can find with scripting... (2 Replies)
Discussion started by: darkman_hr
2 Replies

6. Debian

PB : DNS Client don't ping internet

Hi, I have my router (192.168.1.1) connected to the internet. I have installed Debian on a server with Bind9 (192.168.1.254). The configurations files are : $ cat /etc/network/interfaces # The loopback network interface auto lo iface lo inet loopback # The primary network interface... (1 Reply)
Discussion started by: Thibault
1 Replies

7. Red Hat

Can't ping on Fedora 10 affer config NAT iptables

Currently,i use Fedora 10 and get a follow trouble : My network: route(10.11.10.2/24)----eth0----(10.11.10.105/24)Fedora10(172.16.239.1/24)----vmnet0----(172.16.239.2/24)Virtual Machine XP2. I used : Vmware 6.5.1,Virtual Machine : Window XP SP2. , iptable 1.4.1.1 I set up static ip... (2 Replies)
Discussion started by: kideltn
2 Replies

8. Linux

iptables rule problem

Hi, i have 40 client's in my network, that connected to internet via squid server (WebProxy). i want none of these client can't ping my squid server bat squid server can ping them.i wrote these rules but it is'nt work. iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -A INPUT -p... (1 Reply)
Discussion started by: skynet_boy
1 Replies

9. Shell Programming and Scripting

Block incoming traffic FTP from internet using iptables

Hi everybody. I have the next scenary: eth0: WAN eth1: DMZ eth2: LAN I need to block all incoming trafic from the internet through my network LAN using iptables. I have squid but i need to do this using ipatbles. I have been listening about iptables -A FORDAWARD but I am stuck right... (0 Replies)
Discussion started by: edeamat
0 Replies

10. IP Networking

Can't ping internet. Need help

I am running AIX, and just newly installed this sytem. I thought I had all the settings correct, but may be wrong. I set up the DNS to point to my router which has DNS relay. Router IP is 192.168.0.1 AIX server IP is 192.168.0.164 I can ping my router with no problem. When I do a... (6 Replies)
Discussion started by: mrciano1
6 Replies
Login or Register to Ask a Question