Gufw and ping

Connection sharing, Firewall, Samba..etc
Forum rules
Before you post please read this

Gufw and ping

Postby BobMacall on Sun Jan 20, 2013 1:26 pm

Can you stop ping replies with gufw? I changed /proc/sys/ne/ipv4/icmp_echo_ignore_all to 1
but it doesn't seem to help. I went to Shields-Up site: https://www.grc.com/x/ne.dll?bh0bkyd2
and tested my firewall. It failed! Port 443 https is open. But Gufw default closes all incoming
connections. Plus it's accepting ping.
any ideas?

thanks,
Bob
BobMacall
Level 1
Level 1
 
Posts: 36
Joined: Wed Feb 22, 2012 1:41 pm

Linux Mint is funded by ads and donations.
 

Re: Gufw and ping

Postby xenopeek on Sun Jan 20, 2013 1:53 pm

If you want to block ping requests, edit your /etc/ufw/before.rules file as root and comment out the next line:
Code: Select all
-A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT

But blocking ping may have adverse effect, I don't know.

I tested port 443 and it is closed here. By default you wouldn't have a service running on port 443. Do you? You can check on which ports you have services running that listen to outside traffic with:
Code: Select all
sudo ufw show listening

You can check your rules set with:
Code: Select all
sudo ufw status verbose

There shoudn't be a rule to allow 443.
User avatar
xenopeek
Level 21
Level 21
 
Posts: 14851
Joined: Wed Jul 06, 2011 3:58 am
Location: The Netherlands

Re: Gufw and ping

Postby BobMacall on Sun Jan 20, 2013 2:43 pm

Thanks xenopeek! I made the change for ping but the Shields-up site reports the same thing. The site
must not be reporting correctly. I also checked which ports are listening as per your code and 443 was not listed.
The shields-up site seems to be messed up, not reporting correctly. My Gufw settings were the default settings
before the change to /etc/ufw/before.rules.
Thanks again!
Bob
BobMacall
Level 1
Level 1
 
Posts: 36
Joined: Wed Feb 22, 2012 1:41 pm

Re: Gufw and ping

Postby xenopeek on Sun Jan 20, 2013 3:45 pm

How are you connected to the Internet? If you have a Cable/DSL modem that also has a router, it may have a firewall that is configured too leniently.
User avatar
xenopeek
Level 21
Level 21
 
Posts: 14851
Joined: Wed Jul 06, 2011 3:58 am
Location: The Netherlands


Return to Other networking topics

Who is online

Users browsing this forum: No registered users and 2 guests