How to block or unblock ping requests on Ubuntu
Ping is a network administration utility used to test the availability of a system on an IP network. It is also used to test the quality of a network connection by monitoring round-trip time and packet loss. On the other hand, network intruders also use ping to scan subnets for potential hosts or to perform ICMP flood attacks. Blocking ping requests to your servers is therefore a common hardening step against this kind of scanning and flooding.
This article explains how to block ping requests to a Linux server. It also describes how to unblock ping requests in case you need ping for system administration and troubleshooting.
How to block/unblock PING requests on Ubuntu
We researched several methods for disabling ping on Linux distributions. Which one to use depends on your configuration. The following methods will help you disable ping in Linux.
Method 1: How to block/unblock PING requests via Kernel parameters
To block PING requests temporarily or permanently, you can use kernel parameters, which can be read and modified with the sysctl command.
1. Temporarily block/unblock requests
The first way to block ping requests is temporary and uses the sysctl command. On Linux-based systems this command reads and writes the kernel parameters exposed under the /proc/sys directory. A value set this way lasts only until the next reboot.
Block ping requests
To block ping requests, run the following command in the terminal:
# sysctl -w net.ipv4.icmp_echo_ignore_all=1
The net.ipv4.icmp_echo_ignore_all parameter controls how the system responds to incoming ICMP echo (ping) requests over IPv4. A value of 0 means the system responds, while 1 means it sends no response. Here, 1 means all echo requests will be ignored.
When a ping request is sent to the system, no reply is returned.
Unblock ping requests
To unblock ping requests, enter the following command in the terminal:
# sysctl -w net.ipv4.icmp_echo_ignore_all=0
You can also change the kernel parameter value directly under the /proc/sys directory with the echo command. To block:
# echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
To unblock use:
# echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_all
This is a method of temporarily blocking and unblocking ping requests.
2. Permanently block/unblock requests
To make a kernel parameter setting permanent, use the file /etc/sysctl.conf. To block requests, you need to edit this file.
Block ping requests
To block requests, open /etc/sysctl.conf in an editor:
# nano /etc/sysctl.conf
The editor will open. Add the following line to the file:
net.ipv4.icmp_echo_ignore_all = 1
Now save and close the file. To apply the change without rebooting, run the following command:
# sysctl -p
Unblock ping requests
For this, edit the file /etc/sysctl.conf using:
# nano /etc/sysctl.conf
This time, we need to update the value of net.ipv4.icmp_echo_ignore_all to ‘0’:
net.ipv4.icmp_echo_ignore_all = 0
Then save and run this command:
# sysctl -p
This way the user can permanently block and unblock ping requests.
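Because sysctl -w changes only the running kernel, while /etc/sysctl.conf takes effect only after sysctl -p or a reboot, the two can disagree. The following script is an added example, not part of the original article, that compares them. The function names sysctl_conf_value and ping_block_state and the state labels are assumptions made for illustration, and only the single config file passed in is read.

```shell
#!/bin/sh
# Added example: compare the running kernel value with the saved setting.

# Print the last value assigned to KEY ($2) in a sysctl.conf-style FILE ($1).
# Lines starting with # or ; are comments; the last assignment wins.
sysctl_conf_value() {
    awk -F= -v key="$2" '
        /^[ \t]*[#;]/ { next }
        NF >= 2 {
            k = $1; v = $2
            gsub(/[ \t]/, "", k); gsub(/[ \t]/, "", v)
            if (k == key) val = v
        }
        END { if (val != "") print val }
    ' "$1"
}

# Classify the ping-blocking state. Both paths are arguments so the function
# can be run on sample files; the defaults are the locations the article uses.
ping_block_state() {
    runtime_file=${1:-/proc/sys/net/ipv4/icmp_echo_ignore_all}
    conf_file=${2:-/etc/sysctl.conf}
    running=$(cat "$runtime_file")
    saved=$(sysctl_conf_value "$conf_file" net.ipv4.icmp_echo_ignore_all)
    saved=${saved:-0}    # key absent from the file: kernel default is 0
    case "$running/$saved" in
        1/1) echo "persistent-block" ;;  # blocked now and after reboot
        1/0) echo "temporary-block" ;;   # blocked now, lost at reboot
        0/1) echo "pending-block" ;;     # saved, but sysctl -p not yet run
        0/0) echo "open" ;;              # ping is answered
        *)   echo "unknown"; return 1 ;;
    esac
}
```

Run ping_block_state with no arguments on the server to check the real files.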
Method 2: How to block/unblock PING requests using Iptables firewall
The Iptables firewall is used from the command line to allow or block traffic. It works on the basis of rules organized into policy chains. Iptables inspects traffic packet by packet: each packet is compared against the list of rules in the relevant chain, and the rule it matches decides what happens to it.
1. Install the Iptables firewall
To install the Iptables firewall, enter the following command in the command line window:
# apt install iptables
Confirm the Iptables firewall installation:
# iptables --version
2. Block PING with Iptables Firewall
Iptables is a rule-based network filtering engine. You can add rules to block pings to and from your servers. The following examples show rules that block PING.
To deny or block the request, use the following command. The -A option appends the rule to the chain. With this rule in place, you will see an error message when you ping the server:
# iptables -A INPUT -p icmp --icmp-type echo-request -j REJECT
When you ping the IP address, you will see output like this:
You can also use the following rule to silently drop ping requests on the INPUT chain. This will not display the error message.
# iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
To block ping on the output side instead, you can drop the outgoing echo replies on the OUTPUT chain with the following command.
# iptables -A OUTPUT -p icmp --icmp-type echo-reply -j DROP
3. Unblock PING from Iptables Firewall
List available rules.
You can use the following command to check all the rules that have been added to the Iptables firewall.
# iptables -L
Delete the set of blocking rules.
To unblock ping, delete the rules that are blocking it. In the example above, ICMP echo requests are being rejected, so remove those rules with:
# iptables -D INPUT -p icmp --icmp-type echo-request -j REJECT
# iptables -D OUTPUT -p icmp --icmp-type echo-reply -j DROP
You can delete any unwanted rule in the same way: use the -D option followed by the same rule specification that was used to add it.
Delete custom rules.
To delete the custom rules added to the Iptables firewall, enter the following command in the command line window. Note that -F flushes every rule in every chain of the filter table, not only the ping rules:
# iptables -F
This way you can block and unblock PING with the Iptables firewall.
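Repeating an -A command appends a duplicate rule, -D removes only one copy per call, and -F removes every rule rather than just the ping rules. The following functions are an added example, not part of the original article: they add the echo-request rule only when it is missing (checked with iptables -C) and remove only the ping rules. The names block_ping and unblock_ping are assumptions made for illustration, and the functions must be run as root.

```shell
#!/bin/sh
# Added example: idempotent add and targeted removal of the ping rules.

# Append the echo-request rule to INPUT only if an identical rule is not
# already there, so running this twice does not create duplicates.
# $1 is the target, DROP (default) or REJECT.
block_ping() {
    target=${1:-DROP}
    case "$target" in
        DROP|REJECT) ;;
        *) echo "target must be DROP or REJECT" >&2; return 2 ;;
    esac
    if iptables -C INPUT -p icmp --icmp-type echo-request -j "$target" 2>/dev/null; then
        echo "already present"
    else
        iptables -A INPUT -p icmp --icmp-type echo-request -j "$target" && echo "added"
    fi
}

# Delete every copy of the DROP and REJECT echo-request rules from INPUT and
# print how many were removed. All other rules stay in place, unlike with -F.
unblock_ping() {
    removed=0
    for target in DROP REJECT; do
        while iptables -C INPUT -p icmp --icmp-type echo-request -j "$target" 2>/dev/null; do
            iptables -D INPUT -p icmp --icmp-type echo-request -j "$target" || return 1
            removed=$((removed + 1))
        done
    done
    echo "$removed"
}
```

Rules added with iptables live only in the running kernel, so call block_ping again after a reboot unless the rules are saved by other means.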
In this article, I showed you how to block and unblock PING using Kernel parameters and the Iptables firewall in Ubuntu.
Kernel parameters allow the user to save the settings permanently or temporarily. I discussed setting up the Iptables firewall and then went over the PING blocking method with suitable examples. Then I showed the method to unblock PING from the Iptables firewall.
We also examined how to delete rules, whether they are custom rules or the rules that block ping.