Text only | Text with Images

OPNsense Forum

English Forums => 25.7 Series => Topic started by: bhillcv on September 30, 2025, 12:25:20 AM

Title: BLOCK ICMP ON WAN INTERFACES
Post by: bhillcv on September 30, 2025, 12:25:20 AM
Hello.
I have a question, although it is very basic, I was unable to configure it.

How do I block ICMP Ping on OpnSense WAN interfaces.

I have already created a block All rule for the ICMP protocol, but I still continue to receive pings on the WAN interfaces.
Title: Re: BLOCK ICMP ON WAN INTERFACES
Post by: someone on September 30, 2025, 02:14:17 AM
If we get suricata working you can do it in that also, there are a couple rules to enable
May be able to search ICMP and find them.
NOTE... Some things may stop working that use pings once in a while. Seen it a couple times, its rare.
Browser sometimes, mozilla and google. Dont know why they use icmp when a simple packet would do.
Title: Re: BLOCK ICMP ON WAN INTERFACES
Post by: someone on September 30, 2025, 04:03:36 AM
There are different ICMP packets, probably have to specify which type icmp you want to block
Title: Re: BLOCK ICMP ON WAN INTERFACES
Post by: franco on September 30, 2025, 07:17:16 AM
Context matters indeed, because e.g. ICMPv4 is blocked by default...


Cheers,
Franco
Text only | Text with Images