ipfw And ping
Tim Daneliuk
tundra at tundraware.com
Fri Dec 2 02:56:11 UTC 2011
On 12/01/2011 08:56 PM, Robert Bonomi wrote:
>> From owner-freebsd-questions at freebsd.org Thu Dec 1 17:27:19 2011
>> Date: Thu, 01 Dec 2011 17:25:04 -0600
>> From: Tim Daneliuk<tundra at tundraware.com>
>> To: FreeBSD Mailing List<freebsd-questions at freebsd.org>
>> Subject: ipfw And ping
>>
>> I have a fairly restrictive ipfw setup on a FBSD 8.2-STABLE machine.
>> Pings were not getting through so I added this near the top
>> of the rule set:
>>
>> #####
>> # Allow icmp
>> #####
>>
>> ${FWCMD} add allow icmp from any to any
>>
>>
>> It does work but, two questions:
>>
>> 1) Is there a better way?
>> 2) Will this cause harm or otherwise expose the server to some vulnerability?
>
> FIRST question: Are you trying to make _outgoing_ ping work, or let the
> outside world 'ping' internal machines on your network? What you wrote
> is not clear on this point.
Both.
More information about the freebsd-questions
mailing list