Re: make ping executable by normal users?
Hi.
On Mon, Jun 06, 2016 at 03:57:47PM +0200, Santiago Vila wrote:
> On Mon, Jun 06, 2016 at 10:06:54AM +1200, Jan Bakuwel wrote:
> > Check your firewall rules.
>
> It can't be firewall rules. Try this to block outgoing ping:
>
> iptables -A OUTPUT -p icmp --icmp-type echo-request -j REJECT
>
> then try to ping anywhere. You will get a different error message,
> namely "Destination Port Unreachable".
But if you transform the rule in question a little, like this:
iptables -I OUTPUT -p icmp --icmp-type echo-request \
-j REJECT --reject-with icmp-admin-prohibited
ping will respond with 'Operation not permitted'. An exact wording of the
message seems to depend on actual ping implementation.
So, checking firewall rules is a valid advice. It's just this particular
problem happens due to lack of file capabilities.
Reco
Reply to: