On Wed, 25 Feb 2004 22:09, Nathan Cook wrote: > I've been using Smoothwall and I have read some of the websites around > about the owner of the product and his attitude, I'm now going to change to > something else and I'm tossing up between IPCop and MNF, I've had a quick > play with MNF in VMWare and it looks like it would do everything I want it > to do, DMZ etc, port forwarding and what not... although I couldn't find an > option to block ICMP ping anyone know if the option exists? > > I haven't used IPCop at all, has anyone on this list used both and can > offer advice on what is the better of the 2 perhaps? > > The box it'll be running on will be a P2 300mhz 64mb Ram with an 8gig drive > (although that may change to a 2gig drive) with 3 NIC's. > > Thanks for the help in advance. >
I haven't used Mandrake SNF, but I use ipcop a lot and like it. Turning off ping replies is a kernel option you can turn off manually somewhere in the /proc tree, and set it to do so on a reboot from a startup script. Ahh, found it: echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts On my ipcop box that line is in /etc/rc.d/rc.network > Cheers > > Nathan > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.593 / Virus Database: 376 - Release Date: 2/20/2004
