Quick fix, won't last after a reboot
root@OpenWrt:~# uci add firewall rule
root@OpenWrt:~# uci set firewall.@rule[-1]._name=ping
root@OpenWrt:~# uci set firewall.@rule[-1].src=wan
root@OpenWrt:~# uci set firewall.@rule[-1].target=ACCEPT
root@OpenWrt:~# uci set firewall.@rule[-1].proto=ICMP
root@OpenWrt:~# uci commit firewall
root@OpenWrt:~# /etc/init.d/firewall restart
For it to work after a reboot, something along these lines.
https://forum.openwrt.org/viewtopic.php?id=19162Hi Guys, we successfully (I + Almond + Staff member Saidur) implement a permanent fix for this that does not remove ICMP ping every restart.
Please edit your RC.local file to include
iptables --table filter -D reject --jump REJECT --reject-with port-unreach
iptables -A INPUT -i eth0 -p tcp --destination-port 1:1024 -s 0.0.0.0 -j DROP
iptables -A INPUT -i eth0 -p udp --destination-port 1:1024 -s 0.0.0.0 -j DROP
My rc.local file now looks like this.
/etc/init.d/d2 stop
/etc/d2/d2.remove
/etc/init.d/mrd6 stop
/etc/init.d/pppoe-server stop
iptables --table filter -D reject --jump REJECT --reject-with port-unreach
iptables -A INPUT -i eth0 -p tcp --destination-port 1:1024 -s 0.0.0.0 -j DROP
iptables -A INPUT -i eth0 -p udp --destination-port 1:1024 -s 0.0.0.0 -j DROP