Thursday, June 9, 2011

Drop all ping packets

*************************************************
To drop all ping packets all together
*************************************************

You can setup kernel variable to drop all ping packets.

# echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all

This instructs the kernel to simply ignore all ping requests (ICMP type 0 messages).


To enable ping request type the command:

# echo "0" > /proc/sys/net/ipv4/icmp_echo_ignore_all

[or]

You can drop by adding following line to /etc/sysctl.conf file:

net.ipv4.icmp_echo_ignore_all = 1

Save and close the file.

No comments:

Post a Comment