Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ICMP to internet addresses

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 2 Posters 520 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G Offline
      gmbarlev
      last edited by

      Hello everyone,
      I'm testing pfsense in a virtual lab.
      I have 3 LAN interfaces, in one of them I configured http and https traffic interception for virus scanning. everything works fine (using squid)
      My question is how do I allow ICMP traffic to internet addreses only.

      Thanks

      V 1 Reply Last reply Reply Quote 0
      • V Offline
        viragomann @gmbarlev
        last edited by

        Define an RFC 1918 alias in Firewall > Aliases. Add all private network ranges to it.
        Then add a pass filter rule, select ICMP protocol, at destination check „Invert“, „single host or alias“ and enter the RFC 1918 alias.

        Consider that this works only if you have restricted access rules, so that ICMP is not allowed by ofher rules.

        G 1 Reply Last reply Reply Quote 1
        • G Offline
          gmbarlev @viragomann
          last edited by

          @viragomann brilliant!!
          Thanks! It works!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.