How to block ping interface of firewall?
-
How to block ping interface of firewall?
I 'd like not to any can ping interface of firewall and
I have already added rule block icmp from any to ip interface of firewall but it 's not work. ???
so I 'd like to who have solution for this topic. -
It blocks by default on the WAN interface.
If you want to block ICMP on the LAN interface you need to add block icmp rule before the default allow all LAN rule.
-
Hi all,
I just found that posting which points out the problem I'vo got. I added a rule "block icmp(all) lan-net -> fw-lan-ip. Unfortunately my workstation still can ping the FW-LAN-IP.
Any more in mind to help me aut of this?
Is there a feature to activate filtering packets entering and leaving on the same interface? I used m0n0wall a few months ago which did the job the way I want. Please correct me but hasn't been there such a feature ::)
Thanks in advance.
–Guido -
You need to turn off the web gui lockout feature.
-
Check system>advanced settings. Disable webgui antilockout rule there (it keeps access to the firewall itself open at LAN) but make sure you have some other rule in place allowing access to the webgui.
The other option you mention is at this page too and is called "Static route filtering".