SUSE / Novell :: Write IPTABLES Script To Block The ICMP Ping?
Mar 13, 2010
I was trying to write IPTABLES script to block the ICMP ping using the below mentioned command in OpenSUSE 11.2 Doing this in VMware.....
iptables -A OUTPUT -o eth0 -p icmp -j DROP
& then I tried to ping the different computer & it didnt allow me to ping.
Then I deleted using the command -
iptables -D OUTPUT -o eth0 -p icmp -j DROP
then I couldnt ping also. Another thing I found is my firefox is not connecting to the internet as well, but before writing the script, I can connect to internet.
I am setting up a virtual server. Ubuntu 11.04, "minimal provider image".UFW was disabled by default. I set it to default deny. Allowed HTTP, SSH and other standard stuff, and enabled it. All seems to be OK. Adding one rule to block some annoying security scanners causes ping not to work. I'm not an Iptables expert, but it looks OK to me. I got it from some website, rather than invented it myself, but modified to to fit the ufw config file syntax. What in that rule prevents pings?!? It seems completely unrelated.
i am using SUSE 11.0 KDE 4.0 i had root account installed in 8.0 Gb drive, and a normal account installed in 4.0 Gb drive .And i was using rest of space for windows (NTFS). Now i want to use a drive (NTFS) to linux for additional requirements. i want get write permissions to that drive .. am i able to get ??r else ..i need to format with EXT3?
Im just trying to write some script to caputre memory and cpu usage on SLES servers, I just wanna use "top |grep Mem" and "top |grep Cpu". when I ran the above command, it just keep going. i just want to get one line each for memory and cpu.
I have One Server which is having IP 10.176.0.155. I want that client 10.176.0.135 is not able to ping this server only & cane it is possible to block through hosts.
I need to allow ICMP ping for one host only. I found out how to enable it to all hosts (ICMP Filtering, check ping) but I would like to reduce the scope to one host. I know I can add rules in the user_post script but I can't find the correct iptables command ...
Installed Ubuntu Server 10.10, included Apache, PHP, and OpenSSH. Apache is up and serving pages, I can connect using PuTTY no problem. Server responds to a pingHowever, attempting to use ping or traceroute from the server results in a Destination Unreachable. Happens even for other 192.168.1.10x boxes on the local network
When I ping our Microsoft Windows terminal server "cluster" farm, I get ICMP warnings that there are duplicate packets. I am able to rdesktop to the cluster with no problems. We are trying to setup nagios to run on this Ubuntu configuration and nagios is reporting the following error: "PING WARNING - DUPLICATES! Packet Loss=0%, RTA=.98ms. FPing reports duplicates as well. Is there a setting in the Arp table that needs to be set differently because the "Cluster" MAC address isn't an actual hardware MAC but a virtual MAC address?
I have a dedicated host on my lan to monitor other hosts/services using Nagios. I'm in the process of migrating to Zabbix on that host to perform the same purpose. Both Nagios and Zabbix monitor icmp ping latency (Nagios uses ping, Zabbix uses fping) and over time the latency to other hosts grows until threshold alarms are triggered. In one week, the average latency grows from sub-millisecond to over 100 milliseconds, and continues to grow until the Nagios host is rebooted. I have verified the latency numbers using ping/fping from the command line on the Nagios host.
The problem is that pings from the monitored hosts to the Nagios host show normal latency at the time the Nagios host is showing high latency from itself to the monitored hosts. The Nagios host and monitored hosts are all connected to the same Dell 24 port gigabit switch. I already posted this question on the Zabbix forums with a graph of the latency but there were no answers. [URL] why the icmp ping latency is growing over time and how I can fix it short of rebooting the host on a schedule.
The ip_blacklist chain is used to immediately drop any traffic from specified address ranges, while the tcp_, udp_, and icmp_packets chains contain rules for further processing of those protocols. The last rule in each of the latter three chains drops all packets that didn't match any rules above it; so tcp, udp, and icmp packets should NOT get caught by the default INPUT policy (DROP). The goal of the last rule on the INPUT chain is to then log any packets that are picked up by the default policy. However, it's not working.
I can tell that there are packets being picked off by the default policy because the counters are being incremented, but nothing is logged by that last rule. My conclusion is that it's only looking for tcp, udp, and icmp packets and ignoring everything else.
How to get iptables to log all the other protocols (or whatever is being caught by the default policy)?
i've tried blocking ping requests with iptables.. and it didnt work Quote: iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
also tried editing sysctl.conf.. which worked perfectly but after i restarted the system i was able to ping my ubuntu machine from my lappy here is what i added to sysctl.conf and then executed it with sysctl -p
Quote: net.ipv4.icmp_echo_ignore_all = 1 here is another atempt to block.. this one worked too... but again after the restart i was able to ping my machine.. Quote: echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
In Lucid I have some ufw rules but I figured that I need to limit the ICMP messages that the box responds to and also limit their number. There are iptables rules to accomplish this but since I already have ufw rules it is safe to use iptables only for ICMP rules ?
I've got several language multimedia CD-Rom's, made for Windows 95/98/98 SE and 2000, that I'm using by means of my daughter's old PC (Win 98 SE O.S.). However I noticed, also, that you can perfectly use them even with Windows Vista. What I'd like to know is if you can use them even with Suse/Novell and (why not?) OpenSuse Linux.
OK... I tried everything i could think of... but i still cannot get my Open SUSE 11.1 to mount my samba share at boot! I still don't understand the 11.1 boot sequence. can NE one help me... tell me what files to give you output from... Ty guys P.S. My shares originate from a Windows Server 2003 RC2 machine, and it's dns server doesn't work correctly... so my mount command is
mount -t //192.168.x.x/files/ /nET/ -o username=linux,password=xxxxxx please let me know what other info you need... I don't have the internet, so it will be tommorow b4 i see this again!!! Thanks
When i am adding a user using "useradd -d /home/test test" or "useradd test", it is now creating the home directory, whereas when i am using the graphical mode and going through several menu options, i am getting the home directory.
how to install a D-Link Access Point on Suse 11.0 or steer me toward documentation that will do that? I configured the device on XP following instruction from this forum and the AP configured perfectly.The AP is plugged directly into the network port on the computer. It *should* function correctly without a router. I tried a restart and Suse has no idea it's there. The computer is currently configured for a wired connection which needs to be changed. The computer itself is going to be used as a small home storage server.
I have a disturbing problem with my monitor which goes to sleep (or ??) after few minutes if my comp is not used and most of the time I have to restart my comp.I disabled everything in Powersave , but nothing. I did have that problem in previous versions of SUSE, but somehow, I solved that. I cant remember what I did then.
I've pre-partitioned my HDD and want to install 11.2 on the second primary partition.However, when using the installer, I can't get Suse to install on the prepared 20gb partition - it keeps insisting it wants to install on the large unallocated section of the drive.
I find the partitioner somewhat hard to use and the answer may be staring me in the face but I can't see it.
PackageKit Error repo-not-available: File '/repodata/repomd.xml' not found on medium 'http://download.opensuse.org/repositories/KDE:/KDE4:/Community/openSUSE_11.2/' My 11.2 won't update and gives this error. Anyone know how to fix it?
New Suse 11.3 installation with Gnome desktop. Added K3B using Yast2, and after completing the install of K3B, there is no icon for K3B! Instead there is an "X" and the text for K3B in it.From the main menu -> more applications -> multimedia, is where the K3B icon is.Yast2 is supposed to install any dependencies needed or warn if it can not find any missing dependencies. What is missing, or is it a permission problem? All the other application icons seem fine.
i have set firewall for centos of 192.168.1.21 server like this.
it has a gateway of 192.168.1.2
iptables -P INPUT DROP iptables -A INPUT --in-interface lo -j ACCEPT iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A INPUT -p tcp --destination-port 22 -m mac --mac-source 00:0F:EB:91:00:01 -j ACCEPT iptables -A INPUT -p tcp --destination-port 80 -m mac --mac-source 00:0F:EB:91:00:01 -j ACCEPT
the mac source is my laptop's mac address. But when i try to ping from my laptop of 192.168.0.2 (my gateway is 192.168.0.1 but share the same server that has 3 network gateway including gateway for the centos)it failed. what i should do to enable this ping.i also cannot connect to the centos server unless i change my ip to 192.168.1.x and same gateway as centos.can someone suggest what should i modify my firewall to enable connection to centos server from my 192.168.0.2 laptop? is that related to nat and forward chain in firewall of centos?
I want to block all outgoing traffic with iptables and only allow a few specific websites. I would like to get the code to do so and also to revert the changes in case I want to unblock them.
in my office i have to block all messenger like yahoo messenger, windows live messenger, i have to block websites like www.yahoo.com, some more web sites. i need guidance through which i can accomplish this task through ip tables or through squid server. i can use squid but i had heard that squid blocks pop and smtp also. squid creates some problem in receiving and sending email. i am using red hat linux 4 box and installed squid having two ethernet card 1 is connected to adsl line and 2 is connected to switch. all clients will have proxy address of this linux box. guys need ur help ASAP.
