โ ๏ธ Warning: This post is over a year old, the information may be out of date.
๐ How to disable ICMP ping replies (linux)
๐ | โฐ 1 minutes
Few weeks ago during server setup phase for one of my project, I notice there is no ICMP or ping replies from server and some port are not able to access.
I told the network engineer to check and seem they blocking the ports and disabling ICMP replies from their firewall configuration.
From that accident I do some google-fu if I can do same thing for personal computer / server. We can setting the kernel variable or use iptable to disable ICMP / ping replies if requested.
Temporarily disable ICMP / ping replies
$ su -
echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all
# This instructs the kernel to simply ignore all ping requests
# 1 = ignore ping requests and 0 = allow ping request
or
$ iptables -A INPUT -p icmp -j DROP
Permanently disable ICMP / ping replies
To disable ping requests permanently, add this line into your /etc/sysctl.conf file:
net.ipv4.icmp_echo_ignore_all = 1
And reload sysctl’s policy by # sysctl -p.
Or save iptables rule by
# for distros with systemd
/usr/libexec/iptables.init save
# for all other distros
service iptables save
# univeral way: edit main config by yourself
vim /etc/sysconfig/iptables
Posted by: Robbi Nespu
Robbi Nespu
he / him / his
Robbi Nespu
Hi! I’m Robbi Nespu. Welcome to my blog, where I share my experiences in software development, DevOps, information security, finance, real estate, and my personal adventures, including my activities in ham radio (my callsign is 9W2NSP). For more details, feel free to check out the README section