Date: Wed, 07 Feb 2001 10:46:30 -0500 From: "Louis A. Mamakos" <louie@TransSys.COM> To: Nick Rogness <nick@rapidnet.com> Cc: milunovic <milunovic@sendmail.ru>, freebsd-hackers@FreeBSD.ORG Subject: Re: echo request deny Message-ID: <200102071546.f17FkU888386@whizzo.transsys.com> In-Reply-To: Your message of "Tue, 06 Feb 2001 12:23:27 MST." <Pine.BSF.4.21.0102061216050.51787-100000@rapidnet.com> References: <Pine.BSF.4.21.0102061216050.51787-100000@rapidnet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Tue, 6 Feb 2001, milunovic wrote: > > > Is there anyway to deny echo request on FreeBSD (except ipfw add deny > > icmp from any to any) ? > > On Linux It was simple,just echo 1>/proc/.../icmp_echo_request > > If you just want to block echo_requests and don't want to > block any other ICMP why not use ipfw? > > ipfw add 1000 deny icmp from any to any in via xl0 icmptypes 8 > > This will still allow other icmp to work...so why not use it? Yes, indeed. Just blocking all of ICMP will cause things like Path MTU discovery to fail. louie To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200102071546.f17FkU888386>