ping

venky145 · Post by **venky145** » Wed Jan 17, 2007 1:39 pm

hi

how to deny my server ping except one system.

Post by **lambda** » Wed Jan 17, 2007 1:49 pm

with an iptables output rule that allows icmp echo/echoreply to that host, and blocks it for all others.

be sure to make your rule operate on echo and echoreply packets only -- you don't want to block all icmp traffic.

sakimustafa · Post by **sakimustafa** » Wed Jan 17, 2007 2:11 pm

Dear,
Just type this:
iptables -A OUTPUT -d ! 10.0.40.2 -p icmp -j DROP

Post by **lambda** » Wed Jan 17, 2007 2:45 pm

which means now your system won't deal with traceroute or send icmp unreachable port messages to other hosts.