Wi-Fizzle.com - Putting the fizzle in Wi-Fi since 2005 .. (yes, this was a poor choice for a domain name)

<div class="news_item">#372<div class="news_title">OpenWRT HowTo: Enable ICMP Ping Request Reply

Posted by dandriff on Saturday June 06, 2009@07:31PM

Let's just pretend the following were true:

 So, I am running OpenWRT Kamikaze on my WRT54GS and
 am using Comcast as my ISP, with 8 Mb. down / 2 Mb.
 up service.  It's great!  Except for the random
 dropouts.  I am using a wired network client when
 I notice the dropouts occur sometimes for 20 seconds
 every minute, for a minute or two here and there.  Blimey!!!

So I read on the internet that dslreports.com will do some free line-quality testing for you. Neat! The only catch is that your IP address must respond to pings!

So off I went to google..to find out how to open OpenWRT Kamikaze for WAN ping requests.

After a little more work than I had been anticipating, I found something even better than what I had been looking for!:

 iptables -A input_rule -i $WAN -p icmp -m icmp --icmp-type  echo-request -m limit --limit 10/s -m length --length 1:150 -j ACCEPT

Explanation of the iptables rule

The rule above will allow ping requests -- so your network node may be troubleshooted! .. however, it limits the number of ping requests per second to 10, and enforces a maximum ping request packet size of 150 bytes. This will make it a little bit harder for someone to DoS or DDoS you, so at least some very unskilled script kidd13s might be thwarted, should they try ;) Really, I just think it's cool to tune things so tightly.

Note: For the $WAN variable in the iptables rule, for my hardware setup I used the value "eth0.1".