To disable ping or ICMP responses from a CentOS/RHEL system, we can use kernel parameter icmp_echo_ignore_allin /etc/sysctl.conf.

1. On the server where you need to disable ping responses, review the current setting related to responses to ping messages with the following command:

# cat /proc/sys/net/ipv4/icmp_echo_ignore_all
0

 

2. Assuming the output is a 0, try the ping localhost command. You should get a response to the ping requests. Don’t forget to press CTRL-C to exit from the output stream. If the output is 1, skip to Step 3.

 ping localhost
PING localhost (127.0.0.1) 56(84) bytes of data. 
64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.060 ms

 

3. If the output to above command is not 1 then, change the kernel setting described in Step 1 with the following command:

# echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all

 

Making the changes persistent

 

To make the changes persistent across reboots, add the following line to your /etc/sysctl.conf file.

 

# vi /etc/sysctl.conf 
 # Ignore all to ICMP (ping) 
 net.ipv4.icmp_echo_ignore_all = 1

 

To verify the parameter set use the below command:

 

# sysctl -a | grep "icmp_echo_ignore_all"
net.ipv4.icmp_echo_ignore_all = 1

 

Also try to ping the localhost or ping the host from a remote server. For example:

 

# ping localhost 
 PING localhost (127.0.0.1) 56(84) bytes of data. 
 --- localhost ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4005ms

 

Hasznosnak találta ezt a választ? 0 A felhasználók hasznosnak találták ezt (0 Szavazat)