Allow ping not working

v7
firewall

(Istvan) #1

NethServer Version: 7.4.1708
Hello,

I would like to allow ping from LAN. I set the default firewall policy to block everything and I created the rule to allow the ip_icmp service from the green interface, but is not working.
Any ideas?

I added the rule on top. Should it be at the bottom?

Istvan


(Markus Neuberger) #2

It’s not possible via web UI as you can only choose TCP or UDP but you’ll need ICMP protocol. You can realize this with a custom template:

mkdir -p /etc/e-smith/templates-custom/etc/shorewall/rules/

Create /etc/e-smith/templates-custom/etc/shorewall/rules/91ping with following content:

#
# 91ping
#
Ping(ACCEPT)   loc   net

Expand the template and restart firewall:

expand-template /etc/shorewall/rules
signal-event firewall-adjust

Now ping from LAN to WWW should work.