TIPS How to allow ICMP from internal network in iptables

[JCass78]

I'm trying to allow ICMP from my internal network (which is currently blocked (using travelin' Man 3)
I would think I would issue the following command, then an iptables-save, but I wanted to verify with you guys first. Is this the right way to do it? If not, do you have a suggestion?

iptables -A INPUT -p icmp --icmp-type echo-request -d 192.168.100.0/24 -j ACCEPT

 

[markrmcs]

This thread discussed allowing ping in iptables:

why my pbxinaflash server cannot be pinged

specifically:

iptables -A INPUT -p icmp --icmp-type 8 -s INTERNAL_IP_RANGE/NETMASK -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type 0 -d INTERNAL_IP_RANGE/NETMASK -m state --state ESTABLISHED,RELATED -j ACCEPT

 

[JCass78]

Thank you Markrmcs, that's exactly what I needed. I certainly searched for it, but didn't see that thread.

Is there anything I need to do to make these entries persist after reboot, or is that automatic?

 

[markrmcs]

From the referenced post:

Sorry to bump an old thread but thought I may help. If all you want is to allow your INTERNAL network to be able to ping your ipbx box (not from the outside). You can use my example below and add it to your /etc/sysconfig/iptables file

iptables -A INPUT -p icmp --icmp-type 8 -s 192.168.64.0/18 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -p icmp --icmp-type 0 -d 192.168.64.0/18 -m state --state ESTABLISHED,RELATED -j ACCEPT

Basically anything in the 192.168.64.0/18 block will allow RECEIVING and RESPONDING to imcp/ping requests. Hope it helps