Welcome to Server Circle. It's a friendly site and all levels of experience are welcome. Be aware that we use cookies for your login.
Server Circle - Ask questions about Servers and get answers from experts.
Beta (0.44 sec)
How do I block pings in IPtables ?

I can't figure it out. Can someone help me please ?
Asked by:
JamiePraross
341 points
 Report Abuse
 Share Page - Category: CentOS Linux - Tags: How do I block pings in IPtables ?
 Enter your response
Please use Pastie.org to paste lengthy code or to fix formatting issues with code
  • Responses in reverse (3)

Best Answer

You don't say how you want to stop these pings, but essentially there are two parts to a ping: an ICMP Echo Request and ICMP Echo Response.

These two are ICMP Type 8 and ICMP Type 0 respectively.

To block incoming echo requests (when someone pings your machine ignore it):

iptables -I INPUT -p icmp --icmp-type 8 -j DROP

If you are acting as a router/firewall for a network, you would place this in the FORWARD table:

iptables -I FORWARD -p icmp --icmp-type 8 -j DROP

It is generally a sensible idea to drop any unsolicited responses, so I would have the following in my INPUT table:

iptables -A INPUT -p icmp --icmp-type 0 -m state ! --state RELATED,ESTABLISHED -j DROP

Response by:
jimrippon
873 points
Very simple solution

echo 1 >/proc/sys/net/ipv4/icmp_echo_ignore_all

Response by:
jalal
3623 points
A ping is a simple echo request using the Internet Control Message Protocol (ICMP), so the following should work:

iptables -A INPUT -p icmp --icmp-type 8 -j DROP.

ICMP type 8 is echo as specified here: http://www.iana.org/assignments/icmp-parameters

Response by:
stevenrossuk
1325 points


  • Related Questions


by poppy (1375 points) in CentOS Linux - 0 replies



About Us : Contact Us : Etiquette : Terms : CDN Failover : ShorterURL : CDN Fallback : © 2013 Server Circle