By default, Network Actors are configured not to respond to ICMP packets, such as ping (ICMP echo) requests. In certain scenarios, you may need to enable ping responses on your Network Actor. This functionality is useful for troubleshooting or for management software that requires a ping response to determine the status of the host.
- SSH to the Network Actor and switch to the root user:
sudo bash
- Navigate to the settings folder:
cd /opt/apps/verodin/node/settings/
- Create a new file and name it
iptables.rules:touch iptables.rules
- Change the ownership of the
iptables.rulesfile:chown nodeone:nodeone iptables.rules
See Custom iptables Rules for more information.
- Open the
iptables.rulesfile:vi /opt/apps/verodin/node/settings/iptables.rules
- Add the following entries to the
iptables.rulesfile:-A INPUT -p icmp --icmp-type echo-request -j ACCEPT -D OUTPUT -p icmp --icmp-type destination-unreachable -j DROP
- Open the Sysctl config file:
vi /etc/sysctl.conf
- Comment out the following line by adding a hash at the beginning (
#):# net.ipv4.icmp_echo_ignore_all = 1
- Add the following line:
net.ipv4.icmp_echo_ignore_all = 0
The updated file should look like the following:# For more information, see sysctl.conf(5) and sysctl.d(5). net.ipv4.conf.all.arp_ignore = 1 net.ipv4.conf.all.arp_announce = 2 net.ipv4.conf.all.rp_filter = 2 #net.ipv4.icmp_echo_ignore_all = 1 net.ipv4.icmp_echo_ignore_all = 0
- Reboot the host. The configured Network Actor now responds to ICMP pings.