This should be simple, but after five hours I am still stuck trying to enable pinging from local machines out to WAN (IPv4 and IPv6). If I disable the Network Services Filter firewall, I can ping out from my local machine (Debian 9) to the Internet. There is no ICMP option in the GUI firewall screens that I can find to enable outbound ping (There is "Respond ICMP echo" which is enabled, but I assume is for WAN to router ping.).
So, checking the router's iptables, I found:
So I deleted the DROP rule and added:
Rebooted the router, but the DROP rule returns; I am of course still blocked on the local machine:
I have a RT-AC66U using firmware 380.69_2. Any suggestions appreciated. (I have searched this forum diligently and have not found any solutions.) I uploaded the output of iptables -L -v
Thanks,
Jeff
So, checking the router's iptables, I found:
DROP icmp -- any any anywhere anywhere icmp echo-request
RETURN icmp -- any any anywhere anywhere icmp echo-request limit: avg 1/sec burst 5
RETURN icmp -- any any anywhere anywhere icmp echo-request limit: avg 1/sec burst 5
So I deleted the DROP rule and added:
ACCEPT icmp -- any any anywhere anywhere icmp echo-reply
ACCEPT icmp -- any any anywhere anywhere icmp echo-request
ACCEPT icmp -- any any anywhere anywhere icmp echo-request
Rebooted the router, but the DROP rule returns; I am of course still blocked on the local machine:
# ping -v 8.8.8.8
ping: socket: Permission denied, attempting raw socket...
ping: socket: Permission denied, attempting raw socket...
I have a RT-AC66U using firmware 380.69_2. Any suggestions appreciated. (I have searched this forum diligently and have not found any solutions.) I uploaded the output of iptables -L -v
Thanks,
Jeff