How to disable or allow ping in Linux-LINUX-php.cn

How to disable or allow ping in Linux

WBOY

Release： 2024-01-09 20:05:51

forward

734 people have browsed it

Linux allows Ping responses by default. Whether the system allows Ping is determined by two factors:

1. Kernel parameters
2. Firewall

You need to allow 2 factors at the same time to allow ping. If any of the 2 factors disables ping, ping will not be possible.

The specific configuration method is as follows:

1. Kernel parameter settings

1. Allow Ping settings

A. The command to temporarily allow PING operation is: #echo 0 >/proc/sys/net/ipv4/icmp_echo_ignore_all
B. Permanently allow PING configuration method.

Add a line to/etc/sysctl.conf

net.ipv4.icmp_echo_ignore_all=1

If the line net.ipv4.icmp_echo_ignore_all already exists, just modify the value after the = sign (0 means allowed, 1 means forbidden).

After the modification is completed, execute sysctl -p to make the new configuration take effect.

2. Disable Ping settings

A. The command to temporarily disable PING is:

#echo 1 >/proc/sys/net/ipv4/icmp_echo_ignore_all

B. Permanently allow PING configuration method.

Add a line to/etc/sysctl.conf

net.ipv4.icmp_echo_ignore_all=0

If there is already a line of net.ipv4.icmp_echo_ignore_all, just modify the value after the = sign. (0 means allowed, 1 means forbidden)

After the modification is completed, execute sysctl -p to make the new configuration take effect.

2. Firewall settings

Note: The premise of the method here is that the kernel configuration is the default value, that is, Ping is not prohibited)
Here Iptables firewall is used as an example. For other firewall operation methods, please refer to the official documentation of the firewall.

1. Allow Ping settings

iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT

Or you can also temporarily stop the firewall operation.

service iptables stop

2. Disable Ping settings

iptables -A INPUT -p icmp --icmp-type 8 -s 0/0 -j DROP

The above is the detailed content of How to disable or allow ping in Linux. For more information, please follow other related articles on the PHP Chinese website!