Date: Fri, 30 Mar 2001 18:53:04 -0800 From: Sean Chittenden <sean-freebsd-ipfw@chittenden.org> To: Nick Rogness <nick@rogness.net> Cc: alexus <ml@db.nexgen.com>, freebsd-ipfw@FreeBSD.ORG Subject: Re: your mail Message-ID: <20010330185303.D423@rand.tgd.net> In-Reply-To: <Pine.BSF.4.21.0103302049460.86494-100000@cody.jharris.com>; from "nick@rogness.net" on Fri, Mar 30, 2001 at = 08:54:39PM References: <20010330184049.C423@rand.tgd.net> <Pine.BSF.4.21.0103302049460.86494-100000@cody.jharris.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] ICMP type 0: echo reply ICMP type 8: echo request Why not do the following? allow outgoing icmp type 8 from host deny incoming icmp type 8 from anywhere -sc On Fri, Mar 30, 2001 at 08:54:39PM -0600, Nick Rogness wrote: > Delivered-To: sean-freebsd-ipfw@chittenden.org > Date: Fri, 30 Mar 2001 20:54:39 -0600 (CST) > From: Nick Rogness <nick@rogness.net> > X-Sender: nick@cody.jharris.com > To: Sean Chittenden <sean-freebsd-ipfw@chittenden.org> > cc: alexus <ml@db.nexgen.com>, freebsd-ipfw@FreeBSD.ORG > Subject: Re: your mail > In-Reply-To: <20010330184049.C423@rand.tgd.net> > > On Fri, 30 Mar 2001, Sean Chittenden wrote: > > > Please correct me if I'm wrong, but if you're on the system, > > how are you going to get a ping response back? -sc > > For outgoing: > > ipfw add allow icmp from YOUR_FIREWALL to any out via fxp0 icmptypes 8 > ipfw add deny icmp from any to any out via fxp0 icmptypes 8 > > For incoming: > > ipfw add allow icmp from any to YOUR_FIREWALL in via fxp0 icmptypes 8 > ipfw add deny icmp from any to any in via fxp0 icmptypes 8 > > Of course, this depends on how your machine and network is setup. > > > > > > > > On Fri, 30 Mar 2001, alexus wrote: > > > > > > > how can i disable incoming ping of my box? > > > > > > Yes: > > > > > > ipfw add deny icmp from any to any in via fxp0 icmptypes 8 > > > > > > > > > > > is it possible disable outgoing and enable incoming? > > > > > > > > > > Yes, it is: > > > > > > ipfw add deny icmp from any to any out via fxp0 icmptypes 8 > > > > > Nick Rogness <nick@rogness.net> > - Keep on Routing in a Free World... > "FreeBSD: The Power to Serve!" > > -- Sean Chittenden [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Comment: Sean Chittenden <sean@chittenden.org> iEYEARECAAYFAjrFRo8ACgkQn09c7x7d+q0rMQCZAZyfb/xJslojsrn3IQL+MAp/ oosAoIkFP3fprU9zSlghy4UdcrQXNn9G =dH5L -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010330185303.D423>