What's new
By:

IPtable rule for PING

P

PuraVida

New Around Here
I need to allow ping from the WAN interface but from only a specific address. That's not an option in the web GUI so in an SSH terminal I entered the rules below (with correct IP address) but was still able to ping from any address. Are these rules correct, or am I missing something, or is this even possible? This on 3006.102.4 on an Asus RT-BE92U.

iptables -A INPUT -p icmp -j DROP
iptables -A INPUT -s 192.168.1.10 -p icmp -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
 
I would try something like this:
Code: 
iptables -I INPUT_PING -s 192.168.1.10/32 -j ACCEPT
This accept pings from that source IP using the existing chain the firmware creates to drop pings.

Your rules were being appended to the end of the INPUT chain, where they were probably never evaluated.
 
dave14305 said:
I would try something like this:
Code: 
iptables -I INPUT_PING -s 192.168.1.10/32 -j ACCEPT
This accept pings from that source IP using the existing chain the firmware creates to drop pings.

Your rules were being appended to the end of the INPUT chain, where they were probably never evaluated.
Click to expand...
Thanks. That makes perfect sense.
 
You must log in or register to reply here.

Similar threads

GWTechTalk
ASUS Merlin Scripting & T-Mobile
Replies
0
Views
643
GWTechTalk
GWTechTalk
C
Is changing Iptables in Asuswrt-Merlin considered acceptable network management practice?
Replies
11
Views
2K
RMerlin
RMerlin
A
DNS Director not properly redirecting DNS traffic to router
Replies
18
Views
1K
degrub
D
S
Firewall rule to block firmware updates
Replies
5
Views
1K
JGrana
JGrana
maghuro
Suggestion: Allow selecting interface for NAT rules (Virtual Server / Port Forwarding)
Replies
2
Views
399
maghuro
maghuro
Similar threads
Thread starter Title Forum Replies Date
C Injecting route into local table for rule 0 Asuswrt-Merlin 9
M Change VPN director rule over ssh Asuswrt-Merlin 0
X VPN Director - Rule by port Asuswrt-Merlin 4
S Firewall rule to block firmware updates Asuswrt-Merlin 5
R Can't ping Printer when Devices are on different AP's Asuswrt-Merlin 7
R OpenVPN client can't connect to local resources over port 80/443, but can ping them by IP Asuswrt-Merlin 6

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 1,777 (members: 14, guests: 1,763)
Back
Top