How to drop packets

satya_seth · 05-26-2009, 12:03 AM

Hi

I want to drop some packets based on their sequence number, which are coming to my system.

Can anybody suggest, how to do so?

Regards
Satyabrata

veerain · 05-26-2009, 09:52 AM

iptables software does that
man iptables

archtoad6 · 06-18-2009, 10:56 AM

Or http://iptables-tutorial.frozentux.n...-tutorial.html

zomane · 06-18-2009, 02:14 PM

This is simple example how to drop tcp packets based on flags, this flag combination described bellow will never been send from "normal" (web browser, ftp client, etc. )software, they can be send from portscanner or something similar.

Creating new chain
iptables -N dropp
Setting rules in chain
iptables -A dropp -p tcp --tcp-flags ALL FIN,URG,PSH -j badflags
iptables -A dropp -p tcp --tcp-flags ALL ALL -j badflags
iptables -A dropp -p tcp --tcp-flags ALL SYN,RST,ACK,FIN,URG -j badflags
iptables -A dropp -p tcp --tcp-flags ALL NONE -j badflags
iptables -A dropp -p tcp --tcp-flags SYN,RST SYN,RST -j badflags
iptables -A dropp -p tcp --tcp-flags SYN,FIN SYN,FIN -j badflags

Logging&Drop

iptables -N badflags
iptables -A badflags -m limit --limit 15/minute -j LOG --log-prefix Badflags:
iptables -A badflags -j DROP
But to understand how to wrote your own rules you must read man iptables carefully .
Iptables is very powerful tool and thats why the beginning is a little hard.

win32sux · 07-06-2009, 04:15 AM

Quote:

Originally Posted by satya_seth

I want to drop some packets based on their sequence number, which are coming to my system.

Can anybody suggest, how to do so?

Iptables can do this with the u32 module.

There's a HOWTO for this here (jump to the section called Moving on to the TCP header).

vap16oct1984 · 07-06-2009, 04:30 AM

go for Iptables it works for u.