Feisty and ping

Tony Arnold tony.arnold at manchester.ac.uk
Fri Jun 15 20:01:21 UTC 2007



spacemarc wrote:
> 2007/6/15, Tony Arnold <tony.arnold at manchester.ac.uk>:
>> Try disabling ICMP filtering and see if that fixes the problem. Which
>> options for ICMP filtering do you have turned on in Firestarter? And are
>> there any events logged when you try to ping a remote machine?
> 
> I have disabled and thi ping works fine, but I must to enable it with
> only unreachable option enabled in order to block the ping to my PC.
> 
> In /var/log  there are this rows (related ping to google.com from my PC):
> 
> Jun 15 20:56:41 ubuntu kernel: [ 4378.452000] Inbound IN=ppp0 OUT=
> MAC= SRC=64.233.183.104 DST=87.7.my.ip LEN=84 TOS=0x00 PREC=0x00
> TTL=238 ID=0 DF PROTO=ICMP TYPE=0 CODE=0 ID=60764 SEQ=36

OK, this is an echo reply packet, i.e., the packet that comes back as a
result of sending out the ping packet.

In your ICMP filtering in firestarter you should allow the echo reply
option, but disable the rest.

Regards,
Tony.
-- 
Tony Arnold, IT Security Coordinator, University of Manchester,
IT Services Division, Kilburn Building, Oxford Road, Manchester M13 9PL.
T: +44 (0)161 275 6093, F: +44 (0)870 136 1004, M: +44 (0)773 330 0039
E: tony.arnold at manchester.ac.uk, H: http://www.man.ac.uk/Tony.Arnold




More information about the ubuntu-users mailing list