Hi! Thanks for reading my post/question:
I think my eyes are beginning to bleed, I've been recently playing with Iptables - mostly just to get more familiar with them and for fun.
I've been trying my hand at packet filtering, and I put in a rule to match any packets that are not Syn packets that are see as new connections.
Here are the rules I put in:
iptables -N tcpsyncheck
iptables -A tcpsyncheck -p tcp ! --syn -m state --state NEW -j LOGDROP
iptables -A INPUT -p tcp -j tcpsyncheck
My Policy rules are:
Currently I have one rule that allows web traffic in:
iptables -A INPUT -p tcp --dport 80 -j logaccept
I have LOGDROP logging the bad packets, but when I do an hping2 -c3 -F targethost -p 80
It seems to end up in my accepted area. I know I'm missing something simple, and I have a feeling that my web rule is taking precedence and allowing it in.
Keep in mind this is not a FW config for security just for me to play with, but I would like to know how to enable port 80 and filter the packets to it that are not initial Syn's.
Thanks for any help in advance!
Sponsored by: █ Sparkhost - Hosting Without Compromises! █ Hybrid Performance Web Hosting █ Spark Host Stream Hosting █ Hybrid IRC & IRCd Server Shell Accounts
Ip Tables Config Question
No replies to this topic
0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users