Mailinglist Archive: opensuse (1470 mails)

< Previous Next >
Re: [opensuse] What is the meaning of these firewall log entries?
On 2016-02-13 05:12, John Andersen wrote:
On 02/12/2016 07:47 PM, Carlos E. R. wrote:
Ping was never blocked. It was ICMP which was blocked, but not ping.

Is there a difference?


https://en.wikipedia.org/wiki/Ping_(networking_utility)

Yes.

Regardless of what that article might say, the command "ping
192.168.1.15" was working with icmp blocked.

ICMP is a protocol, and there are several types. A ping is "icmp echo".


Look, I have just disabled icmp, and tried ping; it works:

Telcontar:~ # ping 192.168.1.15
PING 192.168.1.15 (192.168.1.15) 56(84) bytes of data.
64 bytes from 192.168.1.15: icmp_seq=1 ttl=64 time=0.334 ms
64 bytes from 192.168.1.15: icmp_seq=2 ttl=64 time=0.334 ms
^C
--- 192.168.1.15 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.334/0.334/0.334/0.000 ms
Telcontar:~ #

The SuSEfirewall2 treats "pings" differently.

Perhaps this one:

# Allow the firewall to reply to icmp echo requests
#
# defaults to "yes" if not set
#
FW_ALLOW_PING_FW=""


Notice that the default is yes.

--
Cheers / Saludos,

Carlos E. R.
(from 13.1 x86_64 "Bottle" at Telcontar)

< Previous Next >