Saturday, January 23, 2021

ICMP Firewall best practice

Ahoi,

I heard alot of oppinions on which ICMP types to allow but couldn't find a comprehensive anwser. I heard everything from allow nothing to allow all. I'm pretty sure both extremes are wrong.

I have a Router in my lab setup that terminates to the internet. It is attached to a /31 transfer network and hosts a /29 network for a few servers behind it. There are lots of non internet networks behind it too, but I guess these are not relevant.

I want to allow at least allow echo replies. But I'm not sure what I should also allow. Especially with IPv6, there seems to be a few other types that you need to allow to make things work.

So my question to you would be what types (IPv4 and IPv6) should you allow on a router like that?



No comments:

Post a Comment