Been a while since I made a filter like that but here it goes:
Filtering ICMP Packets:
Internet Control Message Protocol (ICMP) packets-commonly known as ping
packets-report errors and provide other information about IP packet
processing. You can filter ICMP packets by source and destination IP
address, or by ICMP packet type. Packet types are identified in RFC 1700.
To create an ICMP filter rule, use the following command-entered on one
line:
Command> set filter Filtername RuleNumber permit|deny [Ipaddress/NM
Ipaddress(dest)/NM] icmp [type Itype] [log]
ie (Do not use the number and bracket):
1) add filter ping.in
2) set filter ping.in 1 deny icmp
3) set filter ping.in 2 permit 0.0.0.0/0 0.0.0.0/0
To:
1) Create the filter
2) Block Ping Packets
3) Allow everything else
Just apply to the user
Tom
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>