Mailinglist Archive: opensuse (1470 mails)

< Previous Next >
Re: [opensuse] What is the meaning of these firewall log entries?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 02/12/2016 08:32 PM, Carlos E. R. wrote:
On 2016-02-13 05:12, John Andersen wrote:
On 02/12/2016 07:47 PM, Carlos E. R. wrote:
Ping was never blocked. It was ICMP which was blocked, but not ping.

Is there a difference?


https://en.wikipedia.org/wiki/Ping_(networking_utility)

Yes.

Regardless of what that article might say, the command "ping 192.168.1.15"
was working with
icmp blocked.

ICMP is a protocol, and there are several types. A ping is "icmp echo".


Look, I have just disabled icmp, and tried ping; it works:

Telcontar:~ # ping 192.168.1.15 PING 192.168.1.15 (192.168.1.15) 56(84) bytes
of data. 64 bytes
from 192.168.1.15: icmp_seq=1 ttl=64 time=0.334 ms 64 bytes from
192.168.1.15: icmp_seq=2
ttl=64 time=0.334 ms ^C --- 192.168.1.15 ping statistics --- 2 packets
transmitted, 2 received,
0% packet loss, time 999ms rtt min/avg/max/mdev = 0.334/0.334/0.334/0.000 ms
Telcontar:~ #

The SuSEfirewall2 treats "pings" differently.

Perhaps this one:

# Allow the firewall to reply to icmp echo requests # # defaults to "yes" if
not set #
FW_ALLOW_PING_FW=""


Notice that the default is yes.

If you can ping then ping is allowed, and susefirewall is not running or is not
configured to block.

Defaults to YES if not set, and yours shows it is not set. So you are not
blocking ping.

Susefirewall is very special (so I'm told), yet even it does not somehow
rewrite RFC 792, one of
the oldest RFCs defining the internet.



- --
After all is said and done, more is said than done.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iEYEARECAAYFAla+tdwACgkQv7M3G5+2DLJOjwCdFd/+y0Y+z4MqbH/DjNgt+M4c
buwAniCs3uoxa5SNo81opY3ZALWzuOpj
=FBQx
-----END PGP SIGNATURE-----
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups