From owner-freebsd-questions Fri Dec 28 10:10:52 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail.mango-bay.com (mail.mango-bay.com [208.206.15.12]) by hub.freebsd.org (Postfix) with ESMTP id 68E4137B42A for ; Fri, 28 Dec 2001 10:10:26 -0800 (PST) Received: from barbish ([63.70.155.113]) by mail.mango-bay.com (Post.Office MTA v3.5.3 release 223 ID# 0-52377U2500L250S0V35) with SMTP id com; Fri, 28 Dec 2001 13:12:40 -0500 From: "Joe & Fhe Barbish" To: "Ryan Thompson" Cc: "FBSD Questions" , , Subject: RE: avoid ping Date: Fri, 28 Dec 2001 13:10:21 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0) In-Reply-To: <20011221010222.R374-100000@catalyst.sasknow.net> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG You responded ipfw add 400 deny icmp from any to ${you} icmptype 8 Where ${you} is the public IP address of your machine, or network address of your subnet. I respond. ${you} is the static IP address issued by your ISP. How do I get this value if my ISP does dynamic IP assignments? Thanks Joe -----Original Message----- From: owner-freebsd-questions@FreeBSD.ORG [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Ryan Thompson Sent: Friday, December 21, 2001 2:09 AM To: Philip Hallstrom Cc: Lee Mark Mercado; freebsd-questions@FreeBSD.ORG Subject: Re: avoid ping Philip Hallstrom wrote to Lee Mark Mercado: > You could configure your firewall to deny those icmp packets... Yes, but it should be pointed out that you almost certainly don't want to deny ALL ICMP traffic, as some of it is actually useful :-) Basically, man 8 ipfw, /icmptypes .. You will want to deny one or both of echo reply (ICMP type 0), and echo request (type 8). You might try something like the following. The command below will allow you to ping other hosts (and will allow the replies to come back), but will NOT allow echo requests to come IN to your machine/network: ipfw add 400 deny icmp from any to ${you} icmptype 8 Where ${you} is the public IP address of your machine, or network address of your subnet. Hope this helps! - Ryan > -philip > > On Thu, 20 Dec 2001, Lee Mark Mercado wrote: > > > > > > > how could i avoid being pinged ? i know theres no port for ping and it uses > > icmp - how could i avoid it then ? > > > > need help. thx > > > > _________________________________________________________________ > > Send and receive Hotmail on your mobile device: http://mobile.msn.com > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > -- Ryan Thompson Network Administrator, Accounts SaskNow Technologies - http://www.sasknow.com #106-380 3120 8th St E - Saskatoon, SK - S7H 0W2 Tel: 306-664-3600 Fax: 306-664-1161 Saskatoon Toll-Free: 877-727-5669 (877-SASKNOW) North America To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message