โ ๏ธ Warning: This post is over a year old, the information may be out of date.
๐ How to disable ICMP ping replies (linux)
๐ | โฐ 1 minutes
Few weeks ago during server setup phase for one of my project, I notice there is no ICMP or ping replies from server and some port are not able to access.
I told the network engineer to check and seem they blocking the ports and disabling ICMP replies from their firewall configuration.
From that accident I do some google-fu if I can do same thing for personal computer / server. We can setting the kernel variable or use iptable to disable ICMP / ping replies if requested.
Temporarily disable ICMP / ping replies
$ su -
echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
# This instructs the kernel to simply ignore all ping requests
# 1 = ignore ping requests and 0 = allow ping request
or
$ iptables -A INPUT -p icmp -j DROP
Permanently disable ICMP / ping replies
To disable ping requests permanently, add this line into your /etc/sysctl.conf file:
net.ipv4.icmp_echo_ignore_all = 1
And reload sysctl’s policy by # sysctl -p.
Or save iptables rule by
# for distros with systemd
/usr/libexec/iptables.init save
# for all other distros
service iptables save
# univeral way: edit main config by yourself
vim /etc/sysconfig/iptables
Posted by: Hugo
Hugo
he / him / his
Hugo
Hi! I’m Robbi Nespu. Welcome to my blog, where I share my experiences in software development, DevOps, information security, finance, real estate, and my personal adventures, including my activities in ham/cb radio (my callsign is 9W2NSP / 113MSNSP). For more details, feel free to check out the README section