To stop pinging and traceroute from outside (Fabrice MARIE)

[Darian Lanx]

|>    1. Re: To stop pinging and traceroute from outside (Fabrice MARIE)
|>=20
|> You can drop incoming echo-requests to stop ping to your interface,
|> and drop outgoing time-exeeded to drop reply to traceroute.
Just a side note. Please do NOT drop time-exceeded packets if you are =
running services on the firewall or the firewall acts as a rpoxy to =
services running behind the firewall. The ICMP time-exceeded packet is =
crucial to proper funcvtion of daemon/client connections.

-d
|>=20