Disable the ping response on the red interface?

@cfusco, no problem.
I think your statement gives a good overview about ICMP traffic.

1 Like

Hi all,
@cfusco as a side note, I would also delete the rules or flush CUSTOMINPUT in the “stop)” section of firewall.local to prevent duplicates of the same rules.

Best,

Erik

1 Like

Thank you all for the quick responses! And cfusco, you gave a great explanation about ICMP.
I guess I was hopeful for a simple checkbox like what Smoothwall had. Oh well, I don’t want to mess with config files right now. But if I do in the future, I can refer back to this thread now.
I also didn’t think of the idea that a lack of a response could be interpreted as something being there, so maybe it isn’t worth the trouble anymore anyway.
So far I am very happy with IPFire. Seems like it is the perfect replacement for our old Smoothwall router.
Thank you all again.

2 Likes

You are absolutely right. I have updated the example code.

A short version can be

  stop)
        ## add your 'stop' rules here
        iptables -F CUSTOMINPUT

but it may also be good to list them all with the -D flag to make things clearer.

Best,

Erik

1 Like
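The duplicate-rule point from the two posts above, as an added example (not the wiki's firewall.local and not code from any poster): `start` appends the rule only when it is missing, and `stop` removes it with `-D` instead of flushing the whole chain with `-F`, which would also drop any other rules kept in CUSTOMINPUT. The ICMP echo-request rule, the `red0` interface name and the `IPT`/`RED_IF` override variables are assumptions made for the example.

```shell
#!/bin/sh
# Added example: idempotent start/stop handling for one rule in CUSTOMINPUT.
# Assumptions: RED_IF defaults to "red0"; IPT can be overridden for testing.
IPT="${IPT:-iptables}"
RED_IF="${RED_IF:-red0}"

# The rule spec is written once so that -C, -A and -D always match exactly.
# It is expanded unquoted on purpose so that it splits into arguments.
rule_spec() {
    echo "CUSTOMINPUT -i $RED_IF -p icmp --icmp-type echo-request -j DROP"
}

fw_start() {
    # -C returns 0 if the rule already exists; append only when it is missing,
    # so repeated "start" calls cannot stack copies of the same rule.
    $IPT -C $(rule_spec) 2>/dev/null || $IPT -A $(rule_spec)
}

fw_stop() {
    # -D removes one matching rule per call; loop so that duplicates left by
    # an earlier non-idempotent script are cleared as well.
    while $IPT -C $(rule_spec) 2>/dev/null; do
        $IPT -D $(rule_spec)
    done
}

case "${1:-}" in
    start)  fw_start ;;
    stop)   fw_stop ;;
    reload) fw_stop; fw_start ;;
    "")     : ;;  # no argument: only define the functions
    *)      echo "Usage: $0 {start|stop|reload}" ;;
esac
```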

@jon if you have no objection, where can we put this howto in the wiki?

A good place would be in wiki.ipfire.org - Tutorials and Learning Material for Newbies.
But this is mainly a page of links.
Another place could be the examples section of wiki.ipfire.org - Firewall Documentation.

1 Like

@bbitsch wiki.ipfire.org - ping

2 Likes

@cfusco, thx.
I’ve added a link to Wikipedia. This rounds up the information for the interested user. :wink:

2 Likes

There is an extraneous “i” at the start of the sample firewall.local file on the wiki.

i#!/bin/sh
# Used for private firewall rules
...

1 Like

Corrected. :slight_smile:

2 Likes

The wiki placement looks good. Please add “not recommended” paragraph as the first paragraph.

I remember having problems with OpenVPN and it would not work with ping disabled. This was more than 5 years ago. I use IPSec these days so I don’t know if this is still an issue.

I think Peter (or one of the Core Devs) wrote a Post about why disabling ping was a bad idea. I don’t remember if this was a Community post or a Dev List post…


EDIT:

EDIT2:

2 Likes

Thank you @jon for your help. I’ve updated the wiki article to prominently feature the “not recommended” warning as the first paragraph, underscoring the general consensus against disabling ICMP.

The introduction has also been restructured to strongly advocate for the importance of maintaining network functionality. While my personal views strongly align with preserving ICMP, I’ve retained the technical details for those who opt to disable pings. This approach ensures that the article remains a comprehensive resource for everyone, irrespective of their stance on the issue.

Feel free to further intensify the language if you think it’s necessary.

3 Likes

I did not see this on the ping wiki page… maybe it did not save?!?

I don’t know what happened. Now it should be there.

2 Likes

Is it clearer with the sentence in bold?

1 Like

Ha! bolding helped - I missed it before!!

1 Like

Hmm, it seems the erroneous / extraneous ‘i’ has returned :slightly_smiling_face:

I don’t see the ‘i’ anymore. It looks fine to me. Maybe we can close this thread and hopefully never speak of this topic again, besides pointing to the wiki.

4 Likes