Skip to content

Configure FreeBSD to forbid ping (ICMP)

配置FreeBSD禁止ping

启用pf防火墙

/etc/rc.conf 中加入

firewall_enable="YES"
pf_enable="YES"
pf_rules="/usr/local/etc/pf.conf"

添加防火墙icmp规则

/usr/local/etc/pf.conf 中增加一条防火墙规则

block in on vtnet0 proto icmp all

其中,vtnet0 是外网网卡

Reference

  • https://docs.freebsd.org/zh_CN.UTF-8/books/handbook/securing-freebsd.html

Disclaimer
  1. License under CC BY-NC 4.0
  2. Copyright issue feedback me#imzye.me, replace # with @
  3. Not all the commands and scripts are tested in production environment, use at your own risk
  4. No privacy information is collected here
Try iOS App