Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Is ICMP stateful?

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 3 Posters 4.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kathampy
      last edited by

      If I allow all outbound ICMP, do I need to allow incoming ICMP for say Echo Reply in order to get a response?

      1 Reply Last reply Reply Quote 0
      • D
        dhatz
        last edited by

        No, you don't.

        1 Reply Last reply Reply Quote 0
        • jimpJ
          jimp Rebel Alliance Developer Netgate
          last edited by

          ICMP the protocol is not stateful, however, pf does keep state on ICMP in a timed fashion the same way it does for UDP (also stateless at the protocol level)

          As dhatz mentioned, you don't have to worry about the replies in rules, the state table will handle that.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.