How to filter ICMP timestamp requests?
Hi there,
why isn't it enough to add the following to the beginning of
I50external.rul:
$IPCHAINS -A input -j DENY -i $i -p ICMP -d $IPOFIF/32 13
Here's the output of ipchains -L -v: (eth0: external IF, eth1: int. IF)
Chain input (policy DENY: 27931 packets, 1507290 bytes):
pkts bytes target prot opt tosa tosx ifname mark outsize
source destination ports
562 61793 ACCEPT all ------ 0xFF 0x00 lo
anywhere anywhere n/a
704 76005 ACCEPT all ------ 0xFF 0x00 eth1
internal-net/24 anywhere n/a
0 0 DENY icmp ------ 0xFF 0x00 eth0
anywhere firewall any -> 13
"Firewall" is the ext. IP address of our firewall.
CyberCop is STILL able to retrieve the timestamp via ICMP.
Any ideas?!
TIA,
Ralf
--
Sign the EU petition against SPAM: L I N U X .~.
http://www.politik-digital.de/spam/ The Choice /V\
of a GNU /( )\
Generation ^^-^^
Reply to: