Yadda ake Toshe Buƙatun Ping ICMP zuwa Tsarin Linux

Wasu masu gudanar da tsarin sukan toshe saƙonnin ICMP zuwa sabar su don ɓoye akwatunan Linux zuwa duniyar waje akan hanyoyin sadarwa masu tsauri ko don hana wani nau'in ambaliya na IP da hana harin sabis.

Hanya mafi sauƙi don toshe umarnin ping akan tsarin Linux shine ta ƙara ƙa'idar iptables, kamar yadda aka nuna a cikin misalin da ke ƙasa. Iptables wani yanki ne na Linux kernel netfilter kuma, yawanci, ana shigar dashi ta tsohuwa a yawancin mahallin Linux.

# iptables -A INPUT --proto icmp -j DROP
# iptables -L -n -v  [List Iptables Rules]

Wata hanyar gabaɗaya ta toshe saƙonnin ICMP a cikin tsarin Linux ɗinku shine ƙara canjin kernel na ƙasa wanda zai sauke duk fakitin ping.

# echo “1” > /proc/sys/net/ipv4/icmp_echo_ignore_all

Domin sanya ƙa'idar da ke sama ta zama ta dindindin, saka layin da ke biyo baya zuwa fayil ɗin /etc/sysctl.conf kuma, daga baya, yi amfani da dokar tare da umarnin sysctl.

# echo “net.ipv4.icmp_echo_ignore_all = 1” >> /etc/sysctl.conf 
# sysctl -p

A cikin rabe-raben Linux na tushen Debian waɗanda ke jigilar kaya tare da Tacewar zaɓi na aikace-aikacen UFW, zaku iya toshe saƙonnin ICMP ta ƙara ƙa'ida mai zuwa zuwa fayil /etc/ufw/before.rules, kamar yadda aka kwatanta a cikin abin da ke ƙasa.

-A ufw-before-input -p icmp --icmp-type echo-request -j DROP

Sake kunna Tacewar zaɓi na UFW don aiwatar da ƙa'idar, ta hanyar ba da umarni na ƙasa.

# ufw disable && ufw enable

A cikin CentOS ko Red Hat Enterprise Linux rarrabawa waɗanda ke amfani da ƙirar Firewalld don sarrafa ƙa'idodin iptables, ƙara ƙa'idar ƙasa don sauke saƙonnin ping.

# firewall-cmd --zone=public --remove-icmp-block={echo-request,echo-reply,timestamp-reply,timestamp-request} --permanent	
# firewall-cmd --reload

Domin gwada idan an yi nasarar amfani da ƙa'idodin Tacewar zaɓi a cikin duk abubuwan da aka tattauna a sama, gwada yin ping na'urar Linux IP address daga tsarin nesa. Idan an katange saƙon ICMP zuwa akwatin Linux ɗinku, ya kamata ku sami saƙon \Nemi lokacin ƙarewa ko Maimakon Mai watsa shiri ba zai iya isa ba akan na'ura mai nisa.