In article <[EMAIL PROTECTED]>, Willi Dyck <[EMAIL PROTECTED]> wrote: >to deny icmp (ping to say it your words :)) requests >add an ipchain rule similar to this one: > >$IPCHAINS -A input -p icmp -s $REMOTENET -d $REMOTENET -j DENY >(denieing icmp requests from the internet)
Never *EVER* do this. ICMP is an integral part of IP and is used for much more than just echo requests. Blocking ICMP entirely breaks your IP stack in many ways. Read http://www.worldgate.com/~marcs/mtu/ and be enlightened. Mike.
