News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  General Questions
linktree Topic: Blocking ICMP traffic to specific external internet IP
Pages: [1]
Topic: Blocking ICMP traffic to specific external internet IP  (Read 1614 times)
« on: September 23, 2012, 04:48:58 »
morthawt *
Posts: 20
I have tried everything and I cannot figure out how I can block ICMP to certain internet addresses. I have two m0n0 firewalls running and have tried rules on both the internal and external m0n0wall systems and nothing is blocking ICMP to a certain IP. I was able to do it trivially with IPcop and I assume I have done something incorrectly because the rule system exists so I would like to know the proper way to block outbound ICMP to an external (internet based) IP address?

thanks
« Reply #1 on: September 23, 2012, 05:36:58 »
Fred Grayson *****
Posts: 994
Note the placement of the blocking rule in relation to the Default LAN to any rule.

Also, reset the firewall states if you already have open connection to the host you wish to block.

* Snap1.jpg (101.38 KB, 665x494 - viewed 224 times.)
« Last Edit: September 23, 2012, 05:40:16 by Fred Grayson »
--
Google is your friend and Bob's your uncle.
« Reply #2 on: September 23, 2012, 05:53:44 »
morthawt *
Posts: 20
Perfect! Thanks. Everything I had done was good except the whole states thing. All I need to remember is to reset the states after important changes then correct?
« Reply #3 on: September 23, 2012, 06:39:00 »
Fred Grayson *****
Posts: 994
Well, resetting the states breaks all open connections. If you (or someone else behind the m0n0wall) have an important upload/download running, then that work will be lost. Other than that, it's harmless and should be done.
--
Google is your friend and Bob's your uncle.
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines