Gufw and ping

Connection sharing, Firewall, Samba..etc
Forum rules
Before you post please read how to get help
BobMacall
Level 1
Level 1
Posts: 38
Joined: Wed Feb 22, 2012 1:41 pm

Gufw and ping

Postby BobMacall » Sun Jan 20, 2013 1:26 pm

Can you stop ping replies with gufw? I changed /proc/sys/ne/ipv4/icmp_echo_ignore_all to 1
but it doesn't seem to help. I went to Shields-Up site: https://www.grc.com/x/ne.dll?bh0bkyd2
and tested my firewall. It failed! Port 443 https is open. But Gufw default closes all incoming
connections. Plus it's accepting ping.
any ideas?

thanks,
Bob

User avatar
xenopeek
Level 23
Level 23
Posts: 19373
Joined: Wed Jul 06, 2011 3:58 am
Location: The Netherlands

Re: Gufw and ping

Postby xenopeek » Sun Jan 20, 2013 1:53 pm

If you want to block ping requests, edit your /etc/ufw/before.rules file as root and comment out the next line:

Code: Select all

-A ufw-before-input -p icmp --icmp-type echo-request -j ACCEPT

But blocking ping may have adverse effect, I don't know.

I tested port 443 and it is closed here. By default you wouldn't have a service running on port 443. Do you? You can check on which ports you have services running that listen to outside traffic with:

Code: Select all

sudo ufw show listening

You can check your rules set with:

Code: Select all

sudo ufw status verbose

There shoudn't be a rule to allow 443.
Image

BobMacall
Level 1
Level 1
Posts: 38
Joined: Wed Feb 22, 2012 1:41 pm

Re: Gufw and ping

Postby BobMacall » Sun Jan 20, 2013 2:43 pm

Thanks xenopeek! I made the change for ping but the Shields-up site reports the same thing. The site
must not be reporting correctly. I also checked which ports are listening as per your code and 443 was not listed.
The shields-up site seems to be messed up, not reporting correctly. My Gufw settings were the default settings
before the change to /etc/ufw/before.rules.
Thanks again!
Bob

User avatar
xenopeek
Level 23
Level 23
Posts: 19373
Joined: Wed Jul 06, 2011 3:58 am
Location: The Netherlands

Re: Gufw and ping

Postby xenopeek » Sun Jan 20, 2013 3:45 pm

How are you connected to the Internet? If you have a Cable/DSL modem that also has a router, it may have a firewall that is configured too leniently.
Image


Return to “Other networking topics”

Who is online

Users browsing this forum: No registered users and 4 guests