I am attempting to run a firewall(ipchains) that blocks all incoming ICMP packets from foreign IP's, but I want to allow all packets that originate from behind my firewall back into the system where they originated from. So if I wanted to ping lets say www.yahoo.com
I would be able to get a ping reply packet back, but if someone at www.yahoo.com
attempted to ping me they wouldn't get a reply packet back. Currently I have the following rules added.
ipchains -A input -p icmp -s 0.0.0.0/0 -j DENY <-this rule blocks all ICMP, and I mean all ICMP packets. Incoming & outgoing.