[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: IPTables allow ping.



I am not behind any modem/router this my dedicated server that I am just
setting it up.

Thanks,

Bharath

* Ernest ter Kuile (ernestjw@xs4all.nl) wrote:
>
> I haven't checked your rules, but if you have a modem/router (dsl or  
> other), is configured to allow all icmp ? (just to be sure of course)
>
> Ernest
>
>
> On 13 Jun, 2008, at 21:29, Bharath Ramesh wrote:
>
>> I have a debian amd64 box. I am writing a set of firewall rules. I  
>> want
>> to be able to ping my machine from outside. I wrote the following  
>> rule.
>> I am still unable to ping my machine from outside. Could someone  
>> verify
>> that my rule is correct.
>>
>> # Allow to/be ping(ed).
>> $IPT --append INPUT --in-interface $EXTIF --protocol icmp --icmp-type 0 
>> \
>>      --destination $EXTIP --match state --state  
>> NEW,ESTABLISHED,RELATED \
>>      --jump ACCEPT
>> $IPT --append INPUT --in-interface $EXTIF --protocol icmp --icmp-type 8 
>> \
>> 	--destination $EXTIP --match state --state NEW,ESTABLISHED,RELATED \
>> 	--jump ACCEPT
>> $IPT --append OUTPUT --out-interface $EXTIF --protocol icmp --icmp- 
>> type 0 \
>> 	--source $EXTIP --match state --state NEW,ESTABLISHED,RELATED \
>> 	--jump ACCEPT
>> $IPT --append OUTPUT --out-interface $EXTIF --protocol icmp --icmp- 
>> type 8 \
>> 	--source $EXTIP --match state --state NEW,ESTABLISHED,RELATED \
>> 	--jump ACCEPT
>>
>> I am able to ping other m/c from my m/c but I am not able to ping from
>> outside.
>>
>> Thanks,
>>
>> Bharath
>>
>> ---
>> Bharath Ramesh       <bramesh@vt.edu>       http://people.cs.vt.edu/~bramesh
>>
>>
>> -- 
>> To UNSUBSCRIBE, email to debian-amd64-REQUEST@lists.debian.org
>> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>>
>
>
> -- 
> To UNSUBSCRIBE, email to debian-amd64-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

---
Bharath Ramesh       <bramesh@vt.edu>       http://people.cs.vt.edu/~bramesh


Reply to: