文章目錄
- 1、設定防火墻不攔截ICMP報文
- 2、修改Linux主機不回應ICMP報文
- 3、效果展示
1、設定防火墻不攔截ICMP報文
- 防火墻放行ICMP
[root@localhost ~]# firewall-cmd --add-protocol=icmp
success
[root@localhost ~]# firewall-cmd --reload
success
[root@localhost ~]# firewall-cmd --list-all
public (active)
target: default
icmp-block-inversion: no
interfaces: ens160
sources:
services: cockpit dhcpv6-client ssh
ports:
protocols: icmp
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
- 防火墻關閉
[root@localhost ~]# systemctl stop firewalld
2、修改Linux主機不回應ICMP報文
[root@localhost ~]# cat /proc/sys/net/ipv4/icmp_echo_ignore_all
0
[root@localhost ~]# echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
- 0:回應;
- 1:不回應;
注意:此檔案不可通過vi/vim進行修改,報錯如下:
"/proc/sys/net/ipv4/icmp_echo_ignore_all"
"/proc/sys/net/ipv4/icmp_echo_ignore_all" E667: Fsync failed
Press ENTER or type command to continue
3、效果展示
轉載請註明出處,本文鏈接:https://www.uj5u.com/qita/286732.html
標籤:其他