[CentOS] Ping and traceroute...

John Doe jdmls at yahoo.com
Mon Jan 26 10:20:31 UTC 2009

> However do you have the luxury of having your members coming from a block of IPs

World wide website... so it is either everything or nothing...

> Blocking ping has always been a pet peeve of mine. Aside from violating RFC-1122 
> ( Echo Request/Reply: RFC-792 Every host MUST implement an ICMP Echo 
> server function that receives Echo Requests and sends corresponding Echo 
> Replies.) 
> It provides *no* additional security & makes troubleshooting network issues that 
> much more difficult.

So I guess I will look into adding these rules into shorewall.

Thx for all the answers,


More information about the CentOS mailing list