shorewall_code/Lrp/etc/shorewall/icmp.def
teastep 390ee5a4a0 Initial revision
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@38 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
2002-05-29 14:37:49 +00:00

23 lines
1.1 KiB
Modula-2

##############################################################################
# Shorewall 1.3 /etc/shorewall/icmp.def
#
# This file defines the default rules for accepting ICMP packets.
#
# Do not modify this file -- if you wish to change these rules, create
# /etc/shorewall/icmpdef to replace it. It is suggested that you include
# the command "source /etc/shorewall/icmp.def" in your
# /etc/shorewall/icmpdef file so that you will continue to get the
# advantage of new releases of this file.
#
# For example, if you want to accept 'ping' everywhere then create
# /etc/shorewall/icmpdef with the following two lines:
#
# source /etc/shorewall/icmp.def
# run_iptables -A icmpdef -p ICMP --icmp-type echo-request -j ACCEPT
#
run_iptables -A icmpdef -p ICMP --icmp-type echo-reply -j ACCEPT
run_iptables -A icmpdef -p ICMP --icmp-type source-quench -j ACCEPT
run_iptables -A icmpdef -p ICMP --icmp-type destination-unreachable -j ACCEPT
run_iptables -A icmpdef -p ICMP --icmp-type time-exceeded -j ACCEPT
run_iptables -A icmpdef -p ICMP --icmp-type parameter-problem -j ACCEPT