×

Block or Unblock Ping Request on Debian 10 - How to perform this task ?

This article covers how you can block/unblock ping requests to your Debian system. You will learn different ways for blocking/unblocking ping requests either temporarily or permanently.


The --query-icmp-block=<type> option can be used to determine if a type is confgured to allow or deny. 

The --add-icmp-block=<type> option can be used to block a certain type. 

The --remove-icmp-block=<type> option can be used to not block a certain type. 

After adding or removing a block, reload the firewall.


To block ping requests in Linux:

1. Edit /etc/sysctl.conf. Add the following line to your /etc/sysctl.conf : net.ipv4.icmp_echo_ignore_all=1. Then: sysctl -p.

2. Using iptables: iptables -I INPUT -p icmp --icmp-type echo-request -j DROP.

3. With cron. Run crontab -e as root, then add the following line: @reboot echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all.


To block ping in iptables:

1. Add a rule that tells the iptables firewall to block ping in and out of a server by controlling the ICMP requests.

2. Remove the rule that tells the iptables firewall to allow ping in and out of a server by controlling the ICMP requests.


To enable ping on Linux server?

# iptables -D INPUT -p icmp --icmp-type echo-request -j REJECT D : 

This command switch is used to delete the rule. Once the ping enabled, the server should now respond to ping requests