|
How to drop packets
Hi
I want to drop some packets based on their sequence number, which are coming to my system. Can anybody suggest, how to do so? Regards Satyabrata |
iptables software does that
man iptables |
|
This is simple example how to drop tcp packets based on flags, this flag combination described bellow will never been send from "normal" (web browser, ftp client, etc. )software, they can be send from portscanner or something similar.
Creating new chain iptables -N dropp Setting rules in chain iptables -A dropp -p tcp --tcp-flags ALL FIN,URG,PSH -j badflags iptables -A dropp -p tcp --tcp-flags ALL ALL -j badflags iptables -A dropp -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j badflags iptables -A dropp -p tcp --tcp-flags ALL NONE -j badflags iptables -A dropp -p tcp --tcp-flags SYN,RST SYN,RST -j badflags iptables -A dropp -p tcp --tcp-flags SYN,FIN SYN,FIN -j badflags Logging&Drop iptables -N badflags iptables -A badflags -m limit --limit 15/minute -j LOG --log-prefix Badflags: iptables -A badflags -j DROP But to understand how to wrote your own rules you must read man iptables carefully . Iptables is very powerful tool and thats why the beginning is a little hard. |
Quote:
There's a HOWTO for this here (jump to the section called Moving on to the TCP header). |
go for Iptables it works for u.
|
| All times are GMT -5. The time now is 02:21 AM. |