Autoriser le ping sans ICMP
De wikiGite
To discard ICMP messages but still get a ping response (important for OpenVPN connections, etc.) just add the following to the file
/etc/sysconfig/firewall.local
add under “start”
# Drop icmp, but only after letting certain types through. iptables -A CUSTOMINPUT -p icmp --icmp-type 0 -j ACCEPT iptables -A CUSTOMINPUT -p icmp --icmp-type 3 -j ACCEPT iptables -A CUSTOMINPUT -p icmp --icmp-type 11 -j ACCEPT iptables -A CUSTOMINPUT -p icmp --icmp-type 8 -m limit --limit 1/second -j ACCEPT iptables -A CUSTOMINPUT -p icmp -j DROP
To disallow pings let off rules 8 and 11.
Insert the rules with (will be then restarted automatically with IPFire)
./firewall.local start