{"id":553277,"date":"2022-02-15T12:52:44","date_gmt":"2022-02-15T04:52:44","guid":{"rendered":"http:\/\/4563.org\/?p=553277"},"modified":"2022-02-15T12:52:44","modified_gmt":"2022-02-15T04:52:44","slug":"how-to-deny-icmp-ping-requests","status":"publish","type":"post","link":"http:\/\/4563.org\/?p=553277","title":{"rendered":"How to deny ICMP ping requests"},"content":{"rendered":"\n<p>  \t\t\t\t\t<strong>xiaomifan<\/strong>  \t\t\t\t\u5927\u4f6c\u6709\u8bdd\u8bf4 : \t<\/p>\n<h3>How to deny ICMP ping requests<\/h3>\n<p>  \t\tInstructions<br \/>  Update UFW rules<br \/>  In order to deny any incoming ICMP ping requests we need to modify \/etc\/ufw\/before.rules UFW\u2019s configuration file. First, make a backup copy:<\/p>\n<p>  $ sudo cp \/etc\/ufw\/before.rules \/etc\/ufw\/before.rules_backup<br \/>  Next, open the file with root privileges using your favorite text editor and change:<\/p>\n<p>  FROM:<\/p>\n<p>  # ok icmp codes for INPUT<br \/>  -A ufw-before-input -p icmp &#8211;icmp-type destination-unreachable -j ACCEPT<br \/>  -A ufw-before-input -p icmp &#8211;icmp-type source-quench -j ACCEPT<br \/>  -A ufw-before-input -p icmp &#8211;icmp-type time-exceeded -j ACCEPT<br \/>  -A ufw-before-input -p icmp &#8211;icmp-type parameter-problem -j ACCEPT<br \/>  -A ufw-before-input -p icmp &#8211;icmp-type echo-request -j ACCEPT<br \/>  TO:<\/p>\n<p>   # ok icmp codes for INPUT<br \/>  -A ufw-before-input -p icmp &#8211;icmp-type destination-unreachable -j DROP<br \/>  -A ufw-before-input -p icmp &#8211;icmp-type source-quench -j DROP<br \/>  -A ufw-before-input -p icmp &#8211;icmp-type time-exceeded -j DROP<br \/>  -A ufw-before-input -p icmp &#8211;icmp-type parameter-problem -j DROP<br \/>  -A ufw-before-input -p icmp &#8211;icmp-type echo-request -j DROP<\/p>\n<p>  Alternatively, use the below sed command to perform the change:<\/p>\n<p>  $ sudo sed -i &#8216;\/ufw-before-input.*icmp\/s\/ACCEPT\/DROP\/g&#8217; \/etc\/ufw\/before.rules<br \/>  Enable Firewall<br \/>  Enable UFW firewall using the following linux command:<\/p>\n<p>  $ sudo ufw enable<br \/>  Alternatively, if your firewall is already enabled you can reload it with:<\/p>\n<p>  $ sudo ufw reload\t\t\t\t<\/p>\n<p>  \t\t\t\t\t<strong>hcyme<\/strong>  \t\t\t\t\u5927\u4f6c\u6709\u8bdd\u8bf4 : \t<\/p>\n<h3><\/h3>\n<p>  \t\t\u4e0d\u65b9\u4fbf\uff0c\u81ea\u5df1\u90fd\u770b\u4e0d\u5230\t\t\t  <\/p>\n","protected":false},"excerpt":{"rendered":"<p>xiaomifan \u5927\u4f6c\u6709\u8bdd\u8bf4 :&hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[],"tags":[],"_links":{"self":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/553277"}],"collection":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=553277"}],"version-history":[{"count":0,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/553277\/revisions"}],"wp:attachment":[{"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=553277"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=553277"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=553277"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}