I need to close any ping traffic over the Astaro (currently V6).
The problem is: our Nagios system needs ping for host checks.
So i've tried to setup packet filter rules for "ICMP - Echo Request/Reply":
nagios - icmp(ping request) - dmz - allow
any - icmp(ping request) - any - drop
These are the first two rules in the Webadmin interface.
But netfilter doesn't match any packets.
This is because iptables chain AUTO_FORWARD is computed before chain USR_FORWARD.
So is it fact that i can only block or allow ALL ping traffic?
This thread was automatically locked due to age.