Syndicate content

What is the 255 in "iptables -A INPUT -p icmp --icmp-type 255 -j ACCEPT"?

The following command adds a rule to your iptable firewall:

iptables -A INPUT -p icmp --icmp-type 255 -j ACCEPT

As we can see, the rule accepts protocol ICMP and uses ICMP type 255. Only, if you look for a list of valid ICMP types, 255 is not included.

The fact is that this rule actually says: accept any ICMP type. If you changed the ACCEPT with DROP, it would refuse all ICMP packets. In most cases, it is safe to accept ICMP packets since they do not divulge more information than necessary.

Note that in your firewall script, you may use "any" instead of 255. That will make it clearer. However, when you check out your firewall, it will show the rule as follow:

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts   bytes target  prot opt in   out  source     destination

2432  326450 ACCEPT  icmp --  eth0 *    icmptype 255

and as you can see, it says 255 and not any. So this is something you want to know about. The meaning of ICMP type 255 is: All ICMP types included. This is an internal interpretation of the ICMP type value and not a type of mask or anything of the sort.


Syndicate content

Diverse Realty

Diverse Realty Team

Want a New Home?
Want to Sell Your House?

Call Alex at
+1 (916)
220 6482

Alexis Wilke, Realtor
Lic. # 02024063

Cory Marcus, Broker
Lic. # 01079165


Terms of Site Index

Find the page/content you are looking for with our index.

  • D6

    Abbreviations for Drupal version 6.x

  • GetRows
  • default
  • proxy

    In networking, a proxy is an intermediate network connection used to hide a user or computer. Most large companies use multiple proxies to hide all of their different intranets. Technically, when using a proxy you actually send all your network data to that other computer and that computer is in charge of sending that data outside your organization. Very large companies generally have multiple levels of proxies.

  • sha256