If, as suggested by another poster, there is an earlier rule permitting
icmp access, try "inserting" the rule instead of "appending it. So
iptables -A INPUT -p icmp ...
iptables -I INPUT -p icmp ...
Because the first rule to match applies, your blocking rule needs to
appear before something that lets icmp through.
Cameron Simpson <cs@xxxxxxxxxx> DoD#743
Always code as if the guy who ends up maintaining your code will be a violent
psychopath who knows where you live.
- Martin Golding, DoD #0236, martin@xxxxxxxxxxxxxxxx
redhat-list mailing list