IPTables - Filter ICMP Address Mask Request & Replies

« Compress Whitespace With tr Shell Command

IPTables - Filter ICMP Timestamp Requests & Replies »

IPTables - Filter ICMP Address Mask Request & Replies

11/17/09

07:29:12 am, by admin

, 113 words

Categories: Project Gallery

IPTables - Filter ICMP Address Mask Request & Replies

Here's how to filter or block ICMP address mask requests and replies.

On Redhat/CentOS, edit /etc/sysconfig/iptables and add the following lines

-A RH-Firewall-1-INPUT -p ICMP --icmp-type address-mask-request -j DROP
-A RH-Firewall-1-INPUT -p ICMP --icmp-type address-mask-reply -j DROP

and then run:

/sbin/iptables restart

Or run the following commands:

/sbin/iptables -I RH-Firewall-1-INPUT 1 -p ICMP --icmp-type address-mask-request -j DROP
/sbin/iptables -I RH-Firewall-1-INPUT 1 -p ICMP --icmp-type address-mask-reply -j DROP
/sbin/service iptables save

Recently on an Ubantu server we just added these lines to /etc/rc.local:

/sbin/iptables -I INPUT 1 -p ICMP --icmp-type address-mask-request -j DROP
/sbin/iptables -I INPUT 1 -p ICMP --icmp-type address-mask-reply -j DROP

Permalink Leave a comment »

No feedback yet

Comment feed for this post

July 2010
Sun	Mon	Tue	Wed	Thu	Fri	Sat
<< <		> >>
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

Reliable Penguin

Reliable Penguin offers Linux Server Migrations, Systems Administration & Programming. Visit our main website at:

http://www.reliablepenguin.com

Search

XML Feeds

RSS 2.0: Posts, Comments
Atom: Posts, Comments

What is RSS?