
Gufw and ping

Posted: Sun Jan 20, 2013 1:26 pm
by BobMacall
Can you stop ping replies with gufw? I changed /proc/sys/ne/ipv4/icmp_echo_ignore_all to 1
but it doesn't seem to help. I went to Shields-Up site: https://www.grc.com/x/ne.dll?bh0bkyd2
and tested my firewall. It failed! Port 443 https is open. But Gufw default closes all incoming
connections. Plus it's accepting ping.
Any ideas?

thanks,
Bob

Re: Gufw and ping

Posted: Sun Jan 20, 2013 1:53 pm
by xenopeek
If you want to block ping requests, edit your /etc/ufw/before.rules file as root and comment out the next line:

-A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT
But blocking ping may have an adverse effect, I don't know.

I tested port 443 and it is closed here. By default you wouldn't have a service running on port 443. Do you? You can check on which ports you have services running that listen to outside traffic with:

sudo ufw show listening
You can check your rules set with:

sudo ufw status verbose
There shouldn't be a rule to allow 443.
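
The before.rules edit described in the post above, as an added example that is not part of the original post: a shell function that comments out only the ufw-before-input echo-request ACCEPT line, keeps a backup, and is safe to run twice. The function names and the sample rules file are constructed for illustration.

```sh
#!/bin/sh
# Added example: comment out ufw's echo-request ACCEPT rule, idempotently.
# RULE_RE matches only the active ufw-before-input line quoted in the thread.
RULE_RE='^[[:space:]]*-A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT[[:space:]]*$'

# Exit status 0 if the rule is still active (uncommented) in file $1.
echo_rule_active() {
    grep -Eq -- "$RULE_RE" "$1"
}

# Comment the rule out in file $1, keeping a backup at $1.bak.
disable_echo_accept() {
    rules=$1
    [ -f "$rules" ] || { echo "no such file: $rules" >&2; return 2; }
    echo_rule_active "$rules" || return 0      # already disabled or absent
    cp -p -- "$rules" "$rules.bak" || return 1
    tmp=$(mktemp) || return 1
    # Write via a temp file, then copy content back so owner and mode are kept.
    if sed -E "s/$RULE_RE/# &/" "$rules" > "$tmp" && cat "$tmp" > "$rules"; then
        rm -f -- "$tmp"
    else
        rm -f -- "$tmp"; return 1
    fi
}

# Constructed sample (not a real before.rules) to show the effect offline.
demo_dir=$(mktemp -d)
cat > "$demo_dir/before.rules" <<'EOF'
# ok icmp codes for INPUT
-A ufw-before-input -p icmp --icmp-type destination-unreachable -j ACCEPT
-A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT
# ok icmp code for FORWARD
-A ufw-before-forward -p icmp --icmp-type echo-request -j ACCEPT
EOF
disable_echo_accept "$demo_dir/before.rules"
# Show the one changed line; diff exits 1 when files differ, which is expected.
diff "$demo_dir/before.rules.bak" "$demo_dir/before.rules" || true
```

On a real system the function would be run as root against /etc/ufw/before.rules, followed by `sudo ufw reload` so the edited rules are loaded.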

Re: Gufw and ping

Posted: Sun Jan 20, 2013 2:43 pm
by BobMacall
Thanks xenopeek! I made the change for ping but the Shields-up site reports the same thing. The site
must not be reporting correctly. I also checked which ports are listening as per your code and 443 was not listed.
The shields-up site seems to be messed up, not reporting correctly. My Gufw settings were the default settings
before the change to /etc/ufw/before.rules.
Thanks again!
Bob

Re: Gufw and ping

Posted: Sun Jan 20, 2013 3:45 pm
by xenopeek
How are you connected to the Internet? If you have a Cable/DSL modem that also has a router, it may have a firewall that is configured too leniently.