Hello,

I'm trying to define an iptables rule or set of rules to allow traceroute 
IN, and perhaps limit it too.

This is what I have, but it still isn't working:

   # allow certain types of ICMP, drop all else
   $IPTABLES -A INPUT -p icmp --icmp-type 0 -j ACCEPT
   $IPTABLES -A INPUT -p icmp --icmp-type 3 -j ACCEPT
   $IPTABLES -A INPUT -p icmp --icmp-type 11 -j ACCEPT
   $IPTABLES -A INPUT -p icmp --icmp-type 30 -m limit --limit 1/second -j ACCEPT
   $IPTABLES -A INPUT -p icmp --icmp-type 8 -m limit --limit 1/second -j ACCEPT
   $IPTABLES -A INPUT -p icmp -j firewall

I added icmp-type 30, but I'm still missing something. I see it trying high 
ports 32000+, but I don't want to open each of those up.

Thanks!
Tom




_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list