Ubuntu: block icmp requests (from fixed network)



Question:

On my Linux box I have 2 NICs:

br0 192.168.1.0/24 (192.168.1.1 server)
eth1 192.168.2.0/24 lan1
eth2 192.168.3.0/24 lan
[...]

There is routing from eth1 to br0 and also from eth2 to br0.

I dropped ICMP requests on eth1:

iptables -A INPUT -i eth1 -p icmp --icmp-type echo-request -j DROP

but I also want to block ICMP requests ONLY from the 192.168.2.0/24 network on 192.168.1.1.


Solution: 1

Sounds like the below rule should be your fix:

iptables -A INPUT -s 192.168.2.0/24 -d 192.168.1.1 -p icmp --icmp-type echo-request -j DROP

Anything from source 192.168.2.0/24 with destination 192.168.1.1 with protocol icmp with type echo-request will be DROP'd.

Hope this helps.
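
The rule in the answer above can be checked against sample traffic with a small first-match model of the INPUT chain. This is an added example, not part of the original answer; the `Rule` class, the sample packets and the `ACCEPT_ICMP` rule are constructed for illustration. It also shows why the position of the rule matters: `-A` appends, so a broader ACCEPT rule earlier in the chain would match first.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Rule:
    target: str                      # -j ACCEPT / DROP
    src: Optional[str] = None        # -s
    dst: Optional[str] = None        # -d
    proto: Optional[str] = None      # -p
    icmp_type: Optional[str] = None  # --icmp-type

    def matches(self, pkt: dict) -> bool:
        # An unset field matches anything, as with an omitted iptables option.
        if self.src and ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(self.src):
            return False
        if self.dst and ipaddress.ip_address(pkt["dst"]) not in ipaddress.ip_network(self.dst):
            return False
        if self.proto and pkt["proto"] != self.proto:
            return False
        if self.icmp_type and pkt.get("icmp_type") != self.icmp_type:
            return False
        return True

def verdict(chain, pkt, policy="ACCEPT"):
    # The first rule that matches decides; otherwise the chain policy applies.
    for rule in chain:
        if rule.matches(pkt):
            return rule.target
    return policy

# The rule from the answer above.
ANSWER = Rule("DROP", src="192.168.2.0/24", dst="192.168.1.1",
              proto="icmp", icmp_type="echo-request")
# Hypothetical pre-existing rule, equivalent to: iptables -A INPUT -p icmp -j ACCEPT
ACCEPT_ICMP = Rule("ACCEPT", proto="icmp")

def pkt(src, proto="icmp", icmp_type="echo-request", dst="192.168.1.1"):
    # Constructed sample packet addressed to the server.
    return {"src": src, "dst": dst, "proto": proto, "icmp_type": icmp_type}

if __name__ == "__main__":
    for p in (pkt("192.168.2.10"), pkt("192.168.3.10"),
              pkt("192.168.2.10", icmp_type="echo-reply"),
              pkt("192.168.2.10", proto="tcp", icmp_type=None)):
        print(p["src"], p["proto"], p["icmp_type"], "->", verdict([ANSWER], p))
    # -A appends: an earlier ACCEPT wins. -I (insert at the top) restores the DROP.
    print("appended:", verdict([ACCEPT_ICMP, ANSWER], pkt("192.168.2.10")))
    print("inserted:", verdict([ANSWER, ACCEPT_ICMP], pkt("192.168.2.10")))
```

On a live system, `iptables -L INPUT -n -v --line-numbers` shows the rule order and per-rule packet counters, which confirms whether the DROP rule is the one being hit.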

