> > to each end. ipcop gui, firewall->firewall options->disable ping > > response: set to no.
> But you have just turned off ping response, so I wouldn't expect any. > It all depends on your precise meaning of the word "accept", I wonder if > you would be so kind as to elucidate. Simple English: Turn it off? No, therefore it's on. The manual agrees with me. It's also the default. "On" means: return ping response. > This is a design feature. The IPCOP never forwards pings from the Orange > network to prevent corrupted servers being able to conduct DoS attacks > using ping floods. ... but the same corrupted servers then proceed to sell anatomy extenders at your maximum upload speed. Like, d'oh. > > But the server can connect to any tcp port outside... > It's supposed to be able to do that, it's part of the fundamental design of > tcp/ip Are you trying to provoke? It's part of the fundamental idea of a firewall to prevent exactly that. Fundamental is that anyone outside can connect to the server (special situations notwithstanding), but it seems only Craig and I on this list understand that the reverse is a Bad Idea(TM). Sorry if I'm starting to sound sarkastic, but it's almost becoming funny :) Greetings all, Volker -- Volker Kuhlmann is list0570 with the domain in header http://volker.dnsalias.net/ Please do not CC list postings to me.
