<div class="news_item">#372<div class="news_title">OpenWRT HowTo: Enable ICMP Ping Request Reply
Posted by dandriff on Saturday June 06, 2009@07:31PM
Let's just pretend the following were true:
So, I am running OpenWRT Kamikaze on my WRT54GS and am using Comcast as my ISP, with 8 Mb. down / 2 Mb. up service. It's great! Except for the random dropouts. I am using a wired network client when I notice the dropouts occur sometimes for 20 seconds every minute, for a minute or two here and there. Blimey!!!
So off I went to google..to find out how to open OpenWRT Kamikaze for WAN ping requests.
After a little more work than I had been anticipating, I found something even better than what I had been looking for!:
iptables -A input_rule -i $WAN -p icmp -m icmp --icmp-type echo-request -m limit --limit 10/s -m length --length 1:150 -j ACCEPT
The rule above will allow ping requests -- so your network node may be troubleshooted! .. however, it limits the number of ping requests per second to 10, and enforces a maximum ping request packet size of 150 bytes. This will make it a little bit harder for someone to DoS or DDoS you, so at least some very unskilled script kidd13s might be thwarted, should they try ;) Really, I just think it's cool to tune things so tightly.
Note: For the $WAN variable in the iptables rule, for my hardware setup I used the value "eth0.1".