How can I allow a set of machines to ping freely through the firewall without restrictions, while preventing all other hosts from pinging through it?
Create two rules: one that allows the set of machines to send echo-requests, and another that allows that same set of machines to receive echo-replies. You can combine the two rules, either by putting both services in the same rule or by specifying “echo” (a pre-defined group that includes echo-request and echo-reply) as the service. Because ping is an ICMP service and therefore has no port numbers, it is treated differently from TCP services such as FTP and TELNET, whose return traffic is automatically allowed. Ping traffic is checked when it leaves and again when it comes back, so a single echo-request rule cannot give a set of machines unrestricted pings: the replies from the remote machines are dropped by FireWall-1 because no rule matches them.
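The following is an added illustration, not FireWall-1 code: a small model of a stateless, first-match rule base that is checked against every packet in both directions, as the answer describes. The network 10.1.1.0/24 and the host addresses are constructed values; it shows why a single echo-request rule lets the request out but drops the reply, and why the second rule should admit only echo-replies.

```python
# Added model (not FireWall-1 code): a stateless, first-match rule base
# checked against every packet in both directions, as the answer describes.
from dataclasses import dataclass
import ipaddress

# Constructed: the set of machines that may ping freely.
ALLOWED = [ipaddress.ip_network("10.1.1.0/24")]

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    service: str

@dataclass(frozen=True)
class Rule:
    src: str              # "allowed" or "any"
    dst: str              # "allowed" or "any"
    services: frozenset   # ICMP services the rule covers
    action: str           # "accept" or "drop"

def _matches(addr: str, selector: str) -> bool:
    """Address selector: "any" matches everything, "allowed" only the set."""
    if selector == "any":
        return True
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in ALLOWED)

def evaluate(rules, pkt: Packet) -> str:
    """First matching rule wins; a packet matching no rule is dropped."""
    for r in rules:
        if _matches(pkt.src, r.src) and _matches(pkt.dst, r.dst) and pkt.service in r.services:
            return r.action
    return "drop"

def ping_allowed(rules, inside: str, outside: str) -> bool:
    """A ping succeeds only if the request leaves AND the reply gets back in."""
    request = Packet(inside, outside, "echo-request")
    reply = Packet(outside, inside, "echo-reply")   # reply's source is the remote host
    return evaluate(rules, request) == "accept" and evaluate(rules, reply) == "accept"

# One rule: requests leave, but replies (source = remote host) match nothing.
ONE_RULE = [Rule("allowed", "any", frozenset({"echo-request"}), "accept")]
# Two rules: the second admits replies addressed back to the set, and only those.
TWO_RULES = ONE_RULE + [Rule("any", "allowed", frozenset({"echo-reply"}), "accept")]
```

Keeping the inbound rule to echo-reply only matters: an inbound rule covering the whole echo group would also accept echo-requests from any outside host to the set.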