geerlingguy / ansible-role-firewall

Ansible Role - iptables Firewall configuration.
https://galaxy.ansible.com/geerlingguy/firewall/
MIT License
529 stars 219 forks source link

Accept only ping request for icmp #112

Open hkcomori opened 3 months ago

hkcomori commented 3 months ago

Only ping requests are allowed according to the comments, and all other ICMP requests are denied (We can also allow them with additional rules). Considering CVE-1999-0524, it is better to deny netmask/timestamp requests by default.