If Suricata is enabled (even in monitoring mode only), Debian packaged Nagios check_ping ICMP traffic is dropped. There are no log entries in fast.log, so I guess this is a preprocessor issue and not caused by actual rules. Disabling Suricata causes check_ping to work correctly, normal ping command works, too. Surprisingly, check_ping on IPFire works correctly: b3fdb0f302a4d56fcee8bee8642afb1796f903a7b302ed79484ff8d9ec5e1741 /usr/lib/nagios/plugins/check_ping [root@maverick ~]# /usr/lib/nagios/plugins/check_ping -V check_ping v2.2.1 (nagios-plugins 2.2.1) 6a80a56044f97b86b54f6ed22d306f4ce0f087041583341289c9933e6d208a72 /usr/lib/nagios/plugins/check_ping pmu@debian-testing:~$ /usr/lib/nagios/plugins/check_ping -V check_ping v2.2 (monitoring-plugins 2.2) I have no idea why this is (bug in monitoring-plugins 2.2?).
Did you intentionally assign this to yourself?
Yes, as I am not sure what the origin of this behaviour exactly is.
This may or may not be fixed in upcoming Core Update 137. This issue will be kept opened until there are some testing results.
https://blog.ipfire.org/post/ipfire-2-23-core-update-137-is-available-for-testing Testing results are still missing...
This problem is not reproducible anymore and I am pretty sure it was related to the Suricata issue filed in #12078.