ubuntu:ping:disable_ping
Ubuntu - Ping - Disable ping
You can disable all ICMP traffic on a linux machine, by the following method.
echo 1 >/proc/sys/net/ipv4/icmp_echo_ignore_all
The above method is only temporary. In fact anything you modify inside /proc will only stay until the reboot.
To make that permanent, you need to add the below line in /etc/sysctl.conf file.
- /etc/sysctl.conf
net.ipv4.conf.icmp_echo_ignore_all = 1
Doing a TCPDUMP on the machine, with icmp disabled will show you only echo_requests, because all ICMP request are ignored by the machine (No reply of any kind, so there is no mechnism to know whether its dropped or not).
tcpdump -v icmp
result:
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes 02:50:51.827077 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: ICMP (1), length: 84) 192.168.0.102 > 192.168.0.103: ICMP echo request, id 34826, seq 11, length 64 02:50:52.827101 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: ICMP (1), length: 84) 192.168.0.102 > 192.168.0.103: ICMP echo request, id 34826, seq 12, length 64 02:50:53.826859 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: ICMP (1), length: 84) 192.168.0.102 > 192.168.0.103: ICMP echo request, id 34826, seq 13, length 64
ubuntu/ping/disable_ping.txt · Last modified: 2020/07/15 09:30 by 127.0.0.1