Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 05 Oct 2002 19:39:00 -0500
From:      "Jack L. Stone" <jackstone@sage-one.net>
To:        Giorgos Keramidas <keramida@FreeBSD.ORG>
Cc:        "Patrick O'Reilly" <bsd@perimeter.co.za>, <questions@FreeBSD.ORG>, master <master@tyranz.com>
Subject:   Re: block icmp with ipfw
Message-ID:  <3.0.5.32.20021005193900.01199da8@mail.sage-one.net>
In-Reply-To: <20021005213833.K35489-100000@hades>
References:  <3.0.5.32.20021005085103.011d62c0@mail.sage-one.net>

next in thread | previous in thread | raw e-mail | index | archive | help
At 09:41 PM 10.5.2002 +0300, Giorgos Keramidas wrote:
>On 2002-10-05 08:51, Jack L. Stone wrote:
>> At 03:41 PM 10.5.2002 +0200, Patrick O'Reilly wrote:
>> >From: "master" <master@tyranz.com>
>> > > hi all i would like to know the syntax of ipfw to block icmp ping?
>> > > (echo and reply)
>> >
>> > ipfw add 123 deny ip from any to any icmtypes 8
>>
>> .... but if you still want to ping OUT....
>> ${fwcmd} add pass icmp from any to any icmptypes 8 out via ${oif}
>
>That will negate the effect of any firewall rules that "block" icmp
>packets though, i.e. it's the opposite of what was asked :-)
>
>-- 
>keramida@FreeBSD.org -==- FreeBSD: The Power to Serve
>FreeBSD 5.0-CURRENT #3: Wed Oct  2 04:55:42 EEST 2002
>

....then answer the poster's question. I don't have the same other rule in
conflict....

Best regards,
Jack L. Stone,
Administrator

SageOne Net
http://www.sage-one.net
jackstone@sage-one.net

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.5.32.20021005193900.01199da8>