Linux Mint Forums

[BobMacall]

Can you stop ping replies with gufw? I changed /proc/sys/ne/ipv4/icmp_echo_ignore_all to 1
but it doesn't seem to help. I went to Shields-Up site: https://www.grc.com/x/ne.dll?bh0bkyd2
and tested my firewall. It failed! Port 443 https is open. But Gufw default closes all incoming
connections. Plus it's accepting ping.
any ideas?

thanks,
Bob

[xenopeek]

If you want to block ping requests, edit your /etc/ufw/before.rules file as root and comment out the next line:

Code: Select all

-A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT

But blocking ping may have adverse effect, I don't know.

I tested port 443 and it is closed here. By default you wouldn't have a service running on port 443. Do you? You can check on which ports you have services running that listen to outside traffic with:

Code: Select all

sudo ufw show listening

You can check your rules set with:

Code: Select all

sudo ufw status verbose

There shoudn't be a rule to allow 443.

[BobMacall]

Thanks xenopeek! I made the change for ping but the Shields-up site reports the same thing. The site
must not be reporting correctly. I also checked which ports are listening as per your code and 443 was not listed.
The shields-up site seems to be messed up, not reporting correctly. My Gufw settings were the default settings
before the change to /etc/ufw/before.rules.
Thanks again!
Bob

[xenopeek]

How are you connected to the Internet? If you have a Cable/DSL modem that also has a router, it may have a firewall that is configured too leniently.