[Techtalk] Re: iptables query - fairly ungent!

Raven Alder raven at oneeyedcrow.net
Tue Sep 28 05:38:27 EST 2004


Heya --

Quoth Devdas Bhagat (Tue, Sep 28, 2004 at 02:20:05PM +0530):
> > By the way, am I interpreting this correctly in thinking that an
> > external 'ping' will produce a useful response?
> 
> Yes. Don't block ICMP unless you know what you are doing, you can
> break things rather badly.

	Indeed.  I answered this question so much, and had to argue it
with firewall admins so many times at work (I'm a consultant -- it's not
that my admins are dense, it's that I move sites a lot), that I just
made a web page and referred people to it.

http://tech.oneeyedcrow.net/icmp-filtering.html

	Hope that helps!

Cheers,
Raven
 
"We need the Internet Bitch-Slap Protocol."
 -- Pixie


More information about the Techtalk mailing list