ICMP Packets



  • Hi

    I have a SIP trunk which registers from a specific IP Address and works fine. I see inbound traffic on 5060 every few minutes.

    Looking at my logs I also get ICMP packets from 2 IP Addresses in the same range as the SIP carrier.
    These appear every couple of seconds. All day everyday.

    The addresses are nothing to do with the trunk, the carrier only specifies you need to allow the IP Address I've allowed.
    They are being blocked, but should the carrier be sending them constantly ?

    I am going to email them, just wondered if anyone had seen anything similar.

    Thanks


  • Banned

    No, probably because I'm not blocking ping.


  • Rebel Alliance Global Moderator

    ^ exactly I really don't see a legit reason to block icmp reply.. Don't you want to be able to tell if your pfsense atleast up answering ping if your away?  Sure many services will check to see if they can ping you before sending traffic.  If you allowed those, the frequency could drop off, etc.



  • Thanks for the replies.
    The default installation seems to have blocked ping (ICMP), do I need to add a rule to allow it ?

    Or is it an option within the configuration ?

    Thanks again



  • All inbound traffic is blocked on WAN by default.  You have to add a rule to allow ICMP.



  • Rebel Alliance Global Moderator

    so KOM is allowing all forms of icmp, here I only allow an echoreq (ie ping)..  But I do have a specific reject rule so that traceroute works to pfsense as well.




  • How do you do that? I am researching this for 4 hours now but could not get any information on how to set the Icmp options


  • Rebel Alliance

    When you create the FW Rule:

    Protocol = ICMP

    ICMP type = Select/Choose one from the dropdown list




  • thanks a lot, i didn't realize that the screen changes with the protocol selected

    @thread_owner: sorry for hijacking your thread



  • Thanks for the replies.
    I spoke to the owner of the addresses to see what they are, I've also added a rule to allow ICMP echoreq.

    Thanks