[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: IPTables allow ping.
I haven't checked your rules, but if you have a modem/router (dsl or other), is configured to allow all icmp ? (just to be sure of course) 

Ernest


On 13 Jun, 2008, at 21:29, Bharath Ramesh wrote:
I have a debian amd64 box. I am writing a set of firewall rules. I want to be able to ping my machine from outside. I wrote the following rule. I am still unable to ping my machine from outside. Could someone verify 
that my rule is correct.

# Allow to/be ping(ed).
$IPT --append INPUT --in-interface $EXTIF --protocol icmp --icmp- type 0 \ --destination $EXTIP --match state --state NEW,ESTABLISHED,RELATED \ 
     --jump ACCEPT
$IPT --append INPUT --in-interface $EXTIF --protocol icmp --icmp- type 8 \ 
	--destination $EXTIP --match state --state NEW,ESTABLISHED,RELATED \
	--jump ACCEPT
$IPT --append OUTPUT --out-interface $EXTIF --protocol icmp --icmp- type 0 \ 
	--source $EXTIP --match state --state NEW,ESTABLISHED,RELATED \
	--jump ACCEPT
$IPT --append OUTPUT --out-interface $EXTIF --protocol icmp --icmp- type 8 \ 
	--source $EXTIP --match state --state NEW,ESTABLISHED,RELATED \
	--jump ACCEPT

I am able to ping other m/c from my m/c but I am not able to ping from
outside.

Thanks,

Bharath

---
Bharath Ramesh       <bramesh@vt.edu>       http://people.cs.vt.edu/~bramesh


--
To UNSUBSCRIBE, email to debian-amd64-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: