What's new
By:

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

IPtable rule for PING

P

PuraVida

New Around Here
I need to allow ping from the WAN interface but from only a specific address. That's not an option in the web GUI so in an SSH terminal I entered the rules below (with correct IP address) but was still able to ping from any address. Are these rules correct, or am I missing something, or is this even possible? This on 3006.102.4 on an Asus RT-BE92U.

iptables -A INPUT -p icmp -j DROP
iptables -A INPUT -s 192.168.1.10 -p icmp -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 
I would try something like this:
Code: 
iptables -I INPUT_PING -s 192.168.1.10/32 -j ACCEPT
This accept pings from that source IP using the existing chain the firmware creates to drop pings.

Your rules were being appended to the end of the INPUT chain, where they were probably never evaluated.
 
dave14305 said:
I would try something like this:
Code: 
iptables -I INPUT_PING -s 192.168.1.10/32 -j ACCEPT
This accept pings from that source IP using the existing chain the firmware creates to drop pings.

Your rules were being appended to the end of the INPUT chain, where they were probably never evaluated.
Click to expand...
Thanks. That makes perfect sense.
 
You must log in or register to reply here.

Similar threads

garycnew
VPNDirector Source/Destination Port-Based Split-Tunneling Rules Not Possible?
Replies
6
Views
533
garycnew
garycnew
Kees17760
Port based routing won't work
Replies
0
Views
223
Kees17760
Kees17760
X
[ASUSWRT 5.0] VLAN Support
Replies
0
Views
918
xTerminator
X
J
RT-AC88U drops the OpenVPN inbound ACCEPT iptables rule after a time
Replies
14
Views
397
JDA
J
adri
Firewall, Port Forwarding, and DoS Question
Replies
8
Views
958
ColinTaylor
C
Similar threads
Thread starter Title Forum Replies Date
J RT-AC88U drops the OpenVPN inbound ACCEPT iptables rule after a time Asuswrt-Merlin 14
r000t Hardcoded Google DNS IPTABLES rule Asuswrt-Merlin 6
U Loss of access to user interface after application of VPN rule and Killswitch (3004.388.8) Asuswrt-Merlin 14
L question of vpn director rule Asuswrt-Merlin 7
B Solved What VPN Director rule should i use to be able to connect outside my home to my VPN provider? Asuswrt-Merlin 2
R OpenVPN client can't connect to local resources over port 80/443, but can ping them by IP Asuswrt-Merlin 6
M Can't ping ipv6 with all connected devices Asuswrt-Merlin 0
thelonelycoder Is curl the new ping? Asuswrt-Merlin 2
M Solved No ping on WG - BUG? Asuswrt-Merlin 20
CntrlAltDel Not able to ping to WAN Asuswrt-Merlin 7

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 937 (members: 16, guests: 921)
Back
Top