Hi everyone.
I am trying out something with ipchains so that when I ping the ip address
of my ethernet on my linux box, I will receive destination port unreachable.
I tried ipchains -A input -j REJECT -p icmp --icmp-type port-unreachable -i
eth0 -s 0.0.0.0/0 -d 192.168.1.1 but I can still receive an echo-reply. I
even tried destination-unreachable, same behavior.
I tried ipchains -A input -j REJECT -p icmp --icmp-type ping -i eth0 -s
0.0.0.0/0 -d 192.168.1.1 and it worked but what I received was "Request
timed out". I knew that this was type 8 when I made a ipchains -L -n.
REJECT icmp ------ 0.0.0.0/0 192.168.1.1 8 -> *
I tried blocking the whole icmp using ipchains -A input -j REJECT -p icmp -i
eth0 -s 0.0.0.0/0 -d 192.168.1.1 and I received destination port
unreachable. This is what I want but I am worried about this since I am
blocking the whole icmp. Is this fine? Or do I need to add another REJECT
statement with another icmp-type?
Thanks in advance. :-)
--
.-------------------------------------------------------.
.^. | Ronneil R. Camara | [EMAIL PROTECTED] |
/V\ |--------------------| +632 6354086 +63917 5326993 |
// \\ | "Anyone who has `----------------------------------|
/( )\ | never made a mistake has never tried anything new." |
^^-^^ `-------------------------------------------------------'
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
