Home > Article > System Tutorial > How to disable or allow ping in Linux
How to disable or allow ping in Linux
- WBOYforward
- 2024-01-09 20:05:51847browse
Linux allows Ping responses by default. Whether the system allows Ping is determined by two factors:
1. Kernel parameters
2. Firewall
You need to allow 2 factors at the same time to allow ping. If any of the 2 factors disables ping, ping will not be possible.
The specific configuration method is as follows:
1. Kernel parameter settings
1. Allow Ping settings
A. The command to temporarily allow PING operation is: #echo 0 >/proc/sys/net/ipv4/icmp_echo_ignore_all
B. Permanently allow PING configuration method.
Add a line to/etc/sysctl.conf
net.ipv4.icmp_echo_ignore_all=1
If the line net.ipv4.icmp_echo_ignore_all already exists, just modify the value after the = sign (0 means allowed, 1 means forbidden).
After the modification is completed, execute sysctl -p to make the new configuration take effect.
2. Disable Ping settings
A. The command to temporarily disable PING is:
#echo 1 >/proc/sys/net/ipv4/icmp_echo_ignore_all
B. Permanently allow PING configuration method.
Add a line to/etc/sysctl.conf
net.ipv4.icmp_echo_ignore_all=0
If there is already a line of net.ipv4.icmp_echo_ignore_all, just modify the value after the = sign. (0 means allowed, 1 means forbidden)
After the modification is completed, execute sysctl -p to make the new configuration take effect.
2. Firewall settings
Note: The premise of the method here is that the kernel configuration is the default value, that is, Ping is not prohibited)
Here Iptables firewall is used as an example. For other firewall operation methods, please refer to the official documentation of the firewall.
1. Allow Ping settings
iptables -A INPUT -p icmp --icmp-type echo-request -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
Or you can also temporarily stop the firewall operation.
service iptables stop
2. Disable Ping settings
iptables -A INPUT -p icmp --icmp-type 8 -s 0/0 -j DROP
The above is the detailed content of How to disable or allow ping in Linux. For more information, please follow other related articles on the PHP Chinese website!