Zen Notes
Cogitatio materialis est

Linux: How to disable ping replies?

31st Oct 2013

You may want to disable ping replies for many reasons, maybe for a security reason, or to avoid network congestion. To disable ping replies, you can do it either with help of iptables (allow or block ICMP ping request) or by setting the kernel variable.

Temporarily Disable ping replies

To temporarily (will be back after reboot) disable the ping reply, use this command:

  su -
  echo "1" >  /proc/sys/net/ipv4/icmp_echo_ignore_all
  # This instructs the kernel to simply ignore all ping requests
  # 1 -- ignore ping requests
  # 0 -- don't ignore

or

  iptables -A INPUT -p icmp -j DROP

Permanently Disable ping replies

To disable ping requests permanently, add this line into your /etc/sysctl.conf file:

  net.ipv4.icmp_echo_ignore_all = 1

And reload sysctl's policy by # sysctl -p.

Or save iptables rule by

  # for distros with systemd
  /usr/libexec/iptables.init save

  # for all other distros
  service iptables save

  # univeral way: edit main config by yourself
  vim /etc/sysconfig/iptables