Unix and Linux Stack Exchange
Unix and Linux Stack Exchange

Questions tagged [icmp]

ICMP is the Internet Control Message Protocol. It is used for diagnostic purposes, for querying information, and for transmitting network-level error messages. ICMPv6, the version for IPv6, is also used for configuring nodes on the link.

ICMP is technically at the same layer as TCP, UDP, SCTP, or DCCP, but ICMP is not a transport protocol in the sense that it is not used by user programs. In fact, under Unix and Linux you need to send or receive ICMP packets.

ICMP is used to

  • query a node about information
  • transmit network-level error messages (such as network unreachable or destination unreachable)
  • diagnose network problems

ICMPv6 does even more, with IPv6 ARP and IGMP are gone and reborn as ICMPv6 neighbor discovery and multicast listener discovery. Thus ICMPv6 is also used to configure nodes on the link. It is therefore of paramount importance for IPv6 not to filter ICMPv6 away as is custom with legacy IP. For more details on how to filter ICMPv6 properly see RFC 4890.

79 questions
47
votes
1 answer

What -A INPUT -j REJECT --reject-with icmp-host-prohibited Iptables line does exactly?

I have been reading RedHat iptables documentation but can't figure out what does the following line do: ... -j REJECT --reject-with icmp-host-prohibited
David
  • 573
  • 1
  • 4
  • 5
43
votes
3 answers

What Linux process is responsible for responding to pings?

I have a Linux based process controller that occasionally locks up to the point where you can't ping it (i.e. I can ping it, then it becomes no longer pingable without any modifications to network settings). I'm curious, what process/system is…
Izzo
  • 999
  • 1
  • 8
  • 15
31
votes
12 answers

How can I ping multiple IP addresses at the same time?

I'm aware of the methods where you can run a Bash for loop and ping multiple servers, is there a Linux CLI tool that I can use which will allow for me to do this without having to resort to writing a Bash script to ping a list of servers one at a…
slm
  • 363,520
  • 117
  • 767
  • 871
18
votes
3 answers

How to Disable Ping Response (ICMP echo) in Linux all the time?

I want to disable ping response all the time on my Ubuntu operating system, the following commands work but only until the system reboots: Ping off: echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all Ping on: echo "0" >…
HardRebootHackerHD
  • 171
  • 1
  • 1
  • 8
13
votes
4 answers

Is there any utility for performing ICMP testing ("ping") in only one direction?

I've been having trouble with some network configuration lately which has been tricky to resolve. It seems this would be much easier to diagnose if I knew which direction the traffic was failing to get through. Since all ping requests receive no…
Philip Couling
  • 17,591
  • 5
  • 42
  • 82
9
votes
1 answer

How come one can successfully ping 127.0.0.2 on Linux?

On a FreeBSD system with a loopback network interface … % ifconfig lo0 lo0 link up loopback drv_running running multicast nd6 performnud auto_linklocal no_radr link rxcsum txcsum hwcsum rxcsum_ipv6 txcsum_ipv6 link address …
JdeBP
  • 66,967
  • 12
  • 159
  • 343
7
votes
1 answer

MTU (IPv4) tests in Linux

I noticed I have several networks with all ICMP messages blocked at the firewall level, except for ICMP echo and reply. I know that there is a need at least ICMP messages type 3 in IPv4 have to be allowed for the MTU negotiation to occur. The…
Rui F Ribeiro
  • 55,929
  • 26
  • 146
  • 227
7
votes
3 answers

ICMP : Port unreachable error even if port is open

I am testing my Debian Server with some Nmap port Scanning. My Debian is a Virtual Machine running on a bridged connection. Classic port scanning using TCP SYN request works fine and detects port 80 as open (which is correct) : nmap -p 80…
hg8
  • 1,420
  • 3
  • 16
  • 25
7
votes
4 answers

Is there an ICMP echo request service?

Often, in applications that I develop, I like to include a network status indicator for various devices on the network. The easiest way to monitor these devices is by pinging them. But ICMP echoes are often difficult to integrate into an application…
Jason C
  • 1,341
  • 3
  • 13
  • 29
6
votes
1 answer

What is the filter expression to only sniff ICMP packets?

What is the filter expression to only sniff ICMP packets given the source IP address is 18.23.54.78 and the destination IP address is 12.67.24.89? The filter order must start with the protocol name first, source IP then destination IP. I tried to…
data_science_dal
  • 61
  • 1
  • 2
6
votes
5 answers

tcpdump -i any doesn't work on FreeBSD

How to listen all interfaces on FreeBSD with tcpdump > tcpdump -i any tcpdump: any: No such device exists (BIOCSETIF failed: Device not configured) (I would like to listen ICMP)
Dims
  • 3,181
  • 9
  • 49
  • 107
6
votes
2 answers

How to accept ICMP redirects?

tcpdump showed me there are some ICMP-redirect in my network (KVM virtual-machines, bridged network). I decided to take a closer look on them and how my system behaves and how it looks. I found it doesn't work as it should: Let say I'm on 1.1.1.1…
pawel7318
  • 1,940
  • 3
  • 16
  • 15
4
votes
0 answers

No buffer space available - ICMP

I'm trying to set up a Heartbeat client on a linux machine (CentOS Linux release 7.3.1611) which is sending ICMP echo requests to roughly 1300 hosts. However, in future this number will be higher. The messages generated by heartbeat are being…
P.Ackland
  • 41
  • 1
  • 4
4
votes
2 answers

How to DROP icmp requests with firewalld?

How to DROP icmp requests with firewalld? An equivalent example instead using iptables would be: $ iptables -A INPUT --protocol icmp --in-interface enp0s8 -j DROP The above produces the desired result (no response) like so: [root@lexy1 ~]# ping…
Alxs
  • 2,170
  • 3
  • 21
  • 31
4
votes
2 answers

Did this tutorial block pings to my server?

I am a programmer teaching myself linux admin stuff. I followed this tutorial to setup a firewall on a VPS. As a part of that tutorial, I block all traffic except for web traffic and SSH traffic. I checked to see if my server was vulnerable to ping…
bernie2436
  • 6,505
  • 22
  • 58
  • 69
1
2 3 4 5 6