On Sun, Oct 01, 2000 at 04:04:36PM -0500, William Jensen wrote: > An update to myself...in case others are having this problem: > > I added the following rule to my script: > > $IPT -A INPUT -p icmp --icmp-type 0 -j ACCEPT > > My understanding is now the box will accpet 'echo replies' that I would generate > by 'ping debian.org'. I then went to another pc on the net and tried to ping > my own box and it still just drops the packets. (which I want) Can anyone see > anything wrong with what I've done? I don't think 'echo reply' is --icmp-type 0. Do a /sbin/ipchains -h icmp. To get icmp replies, enable pong: /sbin/ipchains -A input -p icmp --icmp-type pong -j ACCEPT (not sure what the numerical value for pong is) -- John______________________________________________________________________ email: john@fjellstad.org Quis custodiet ipsos custodes icq: thales @ 17755648 ##### I'm subscribed to this list, no need to cc: ######
Attachment:
pgpRbrYQN1d8U.pgp
Description: PGP signature