Good morning,
I am new on Fedora after spending years on Debian based distros. I would like to bloc icmp reply on a server running Fedora.
On Ubuntu, there is a very useful tool called UFW (Uncomplicated firewall). Do we have the same on Fedora?
If not, how can I bloc icmp reply from any ping request coming from the network?
I did check already many tutos on the web, but I keep getting all ping requests.
I setup firewall-cmd with a dedicated zone, allow ports and services but cannot fix the problem with ICMP.
Thanls a lot.
Set the target to DROP and clear the list of ICMP blocks if any:
sudo firewall-cmd --permanent --set-target=DROP
sudo firewall-cmd --permanent --remove-icmp-block=echo-reply
sudo firewall-cmd --permanent --remove-icmp-block=echo-request
sudo firewall-cmd --reload
1 Like
Hello and thank you Vladislav,
I tried that already, but the ping is still answering.
Thanks a lot
Nicky
In general blocking ping and using non-standard ports to deter attackers is not worth the effort I have been advises in the past.
An attacker that can quickly find your ssh port and login will move on and leave your server alone. But if you make it hard they will fall back to doing full port range scanning, assuming you are using none standard port. These use up a lot more systems resources.
1 Like
Still the same!
Thx
Still the same 
Here we are 
big thank you.
What is exactly icmp-bloc-inversion ?
Ok, another big thank you.