RE: [m0n0wall] Ping from WAN

From:	"Quark IT - Hilton Travis" <Hilton at quarkit dot com dot au>
To:	<m0n0wall at lists dot m0n0 dot ch>
Subject:	RE: [m0n0wall] Ping from WAN
Date:	Tue, 21 Feb 2006 07:53:08 +1000

Hi Thomas,

> -----Original Message-----
> From: Thomas Kolstø [mailto:thomas at kolsto dot no] 
> Sent: Tuesday, 21 February 2006 07:20
> 
> Quark IT - Hilton Travis wrote:
> > Hi All,
> >
> > I'm trying to find a way to allow m0n0wall to reply to 
> > PING requests from the WAN side but cannot seem to 
> > find a way to allow this.  It's a bit weird to not 
> > have this configurable in the interface, especially as
> > blocking PING responses (the m0n0wall default) is in 
> > breach of RFCs.
> >
> > Any ideas?
> >   
> A firewall rule on WAN interface passing icmp from "ANY" 
> to "WAN address" should do the trick.

Yup, allowing ICMP Echo did the trick.  I still find it a bit weird that the default is to breaf
RFCs and there's no interface option to allow ping functionality.

--

Regards,

Hilton Travis                          Phone: +61 (0)7 3344 3889
(Brisbane, Australia)                  Phone: +61 (0)419 792 394
Manager, Quark IT                      http://www.quarkit.com.au
         Quark AudioVisual             http://www.quarkav.net

http://www.threatcode.com/ <-- its now time to shame poor coders 
into writing code that is acceptable for use on today's networks

War doesn't determine who is right.  War determines who is left.

This document and any attachments are for the intended recipient 
  only.  It may contain confidential, privileged or copyright  
     material which must not be disclosed or distributed.