You are not logged in.

#1 2005-03-05 01:48:46

T-Dawg
Forum Fellow
From: Wilmington, NC
Registered: 2005-01-29
Posts: 2,734

arguments for denying ping with iptables?

Does anyone know the arguments for denying ping requests in iptables? I've tried a few examples online but none of them worked. On my pc they are denied fine (same happens in windows xp on a dual boot) but on another machine which I installed arch with the same identical setup, ping is allowed in both. I cant imagine it being the modem so I'm hoping it can be fixed. There are no routers involved.

Offline

#2 2005-03-05 01:51:23

cactus
Taco Eater
From: t͈̫̹ͨa͖͕͎̱͈ͨ͆ć̥̖̝o̫̫̼s͈̭̱̞͍̃!̰
Registered: 2004-05-25
Posts: 4,615
Website

Re: arguments for denying ping with iptables?

search the forums...
it was asked very recently, and answered
http://bbs.archlinux.org/viewtopic.php?t=10098


"Be conservative in what you send; be liberal in what you accept." -- Postel's Law
"tacos" -- Cactus' Law
"t̥͍͎̪̪͗a̴̻̩͈͚ͨc̠o̩̙͈ͫͅs͙͎̙͊ ͔͇̫̜t͎̳̀a̜̞̗ͩc̗͍͚o̲̯̿s̖̣̤̙͌ ̖̜̈ț̰̫͓ạ̪͖̳c̲͎͕̰̯̃̈o͉ͅs̪ͪ ̜̻̖̜͕" -- -̖͚̫̙̓-̺̠͇ͤ̃ ̜̪̜ͯZ͔̗̭̞ͪA̝͈̙͖̩L͉̠̺͓G̙̞̦͖O̳̗͍

Offline

#3 2005-03-05 01:56:00

T-Dawg
Forum Fellow
From: Wilmington, NC
Registered: 2005-01-29
Posts: 2,734

Re: arguments for denying ping with iptables?

ah thanks..I never noticed that section of the forums

Offline

#4 2005-03-05 14:59:02

T-Dawg
Forum Fellow
From: Wilmington, NC
Registered: 2005-01-29
Posts: 2,734

Re: arguments for denying ping with iptables?

Ok Ive tried all of that but I still cant get it to work. I dont even have an /etc/sysctl.conf file. Is there any way that a modem could respond to the requests? I have the same exact setup at home but I dont have this problem. Heres what I've tried:

# Generated by iptables-save v1.3.0 on Sat Mar  5 09:33:24 2005
*filter
:FORWARD ACCEPT [0:0]
:INPUT ACCEPT [562:56449]
:OUTPUT ACCEPT [1814:183700]
-A INPUT -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -j DROP
-A OUTPUT -o eth0 -p icmp -m icmp --icmp-type 0 -j DROP
COMMIT
# Completed on Sat Mar  5 09:33:24 2005

Offline

#5 2005-03-05 17:18:08

lucke
Member
From: Poland
Registered: 2004-11-30
Posts: 4,017

Re: arguments for denying ping with iptables?

Just create that sysctl.conf file, paste those two lines there and run 'sysctl -p'.

Online

#6 2005-03-05 17:36:28

T-Dawg
Forum Fellow
From: Wilmington, NC
Registered: 2005-01-29
Posts: 2,734

Re: arguments for denying ping with iptables?

did that and restarted the network....still cant get it to work. This is crazy

Offline

#7 2005-03-05 17:48:48

lucke
Member
From: Poland
Registered: 2004-11-30
Posts: 4,017

Re: arguments for denying ping with iptables?

Exorcise the devil out of your box :-)

Online

#8 2005-03-05 20:05:42

T-Dawg
Forum Fellow
From: Wilmington, NC
Registered: 2005-01-29
Posts: 2,734

Re: arguments for denying ping with iptables?

yep..theres a daemon in the dsl modem. I took the comp home and hooked it up to my roadrunner service and ping was denied. To double check again..or tripple check...I brought it back and retested it . Low and behold it went through. I've never heard of such sh$t and I cant even find any settings on the modem that would turn it off. roll

Offline

#9 2005-03-05 20:21:19

cactus
Taco Eater
From: t͈̫̹ͨa͖͕͎̱͈ͨ͆ć̥̖̝o̫̫̼s͈̭̱̞͍̃!̰
Registered: 2004-05-25
Posts: 4,615
Website

Re: arguments for denying ping with iptables?

so the modem itself is returning ping, not the computer behind it.
Likely the modem has some kind of web interface...even my crappy motorola cable modem has one. Can't do much with it, but it is there...
*shrug*


"Be conservative in what you send; be liberal in what you accept." -- Postel's Law
"tacos" -- Cactus' Law
"t̥͍͎̪̪͗a̴̻̩͈͚ͨc̠o̩̙͈ͫͅs͙͎̙͊ ͔͇̫̜t͎̳̀a̜̞̗ͩc̗͍͚o̲̯̿s̖̣̤̙͌ ̖̜̈ț̰̫͓ạ̪͖̳c̲͎͕̰̯̃̈o͉ͅs̪ͪ ̜̻̖̜͕" -- -̖͚̫̙̓-̺̠͇ͤ̃ ̜̪̜ͯZ͔̗̭̞ͪA̝͈̙͖̩L͉̠̺͓G̙̞̦͖O̳̗͍

Offline

Board footer

Powered by FluxBB