LinuxQuestions.org


montyleesam 05-12-2007 10:43 AM

How to filter this packet using iptables?
 
Hello, all.

I can filter packets of some protocol, like below, using iptables.

# iptables -A INPUT -p x

But how can I filter packets like the (proto 0) ones below?
Does proto 0 mean protocol 0?

I can find protocol 0 information at
http://www.iana.org/assignments/protocol-numbers


11.34.254.146 -> xx.xx.xx.xx [proto 0]
........WinSock 2.0.....LG@. B..Y..|............#...............

24.57.19.22 -> xx.xx.xx.xx [proto 0]
........WinSock 2.0.....LG@.....Y..|............#...............

# iptables -A INPUT -p 0 -j DROP

When I execute the above, protocol 0 means all protocols.

# iptables -L INPUT -n
target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0




Thanks for your time....

gloomy 05-12-2007 12:22 PM

From man iptables:

Quote:

The protocol of the rule or of the packet to check. The specified protocol can be one of tcp, udp, icmp, or all, or it can be a numeric value, representing one of these protocols or a different one. A protocol name from /etc/protocols is also allowed. A "!" argument before the protocol inverts the test. The number zero is equivalent to all. Protocol all will match with all protocols and is taken as default when this option is omitted.

The IP (Internet Protocol), the number 0, is not really a protocol but the basic layer for IPv4 and IPv6, located at the network layer instead of the transport layer, in which such common protocols as TCP and UDP are located. Please see /etc/protocols as a reference instead of IANA, since that is what the operating system and most programs understand.

I have no information about where the log file is coming from or what the protocol in it refers to, but "WinSock 2.0" is the standard Windows Sockets API, which itself reaches the TCP/IP protocol suite, and if you filter protocol 0, you basically filter every single packet and segment.
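
Added example, not part of either post above: since `-p 0` is a wildcard, a rule that should test the IPv4 header's protocol byte for the value 0 can use the u32 match instead (this assumes an iptables build that includes the u32 extension, IPv4 only). The script emulates the u32 expression `6&0xFF` on two constructed headers to show the difference; the function names and sample headers are made up for illustration.

```shell
#!/bin/sh
# Constructed 20-byte IPv4 headers as hex (checksums zeroed, not validated).
# Byte 9 is the protocol field: 0x00 in the first header, 0x06 (TCP) in the second.
HDR_PROTO0=450000540000400040000000c0000201c6336402
HDR_TCP=450000540000400040060000c0000201c6336402

# u32_eval OFFSET MASK HEXHDR
# Emulates the u32 expression "OFFSET&MASK": read the 4 bytes starting at
# OFFSET as one big-endian number, then AND it with MASK.
u32_eval() {
    start=$(( $1 * 2 + 1 ))
    word=$(printf '%s' "$3" | cut -c"${start}-$(( start + 7 ))")
    echo $(( 0x$word & $2 ))
}

# matches_dash_p PROTO HEXHDR: what "-p PROTO" does. 0 skips the test
# entirely, which is why "-p 0" is listed as "all".
matches_dash_p() {
    [ "$1" -eq 0 ] && return 0
    [ "$(u32_eval 6 0xFF "$2")" -eq "$1" ]
}

# matches_u32_proto VALUE HEXHDR: what --u32 "6&0xFF=VALUE" does. Bytes 6..9
# are read and the mask keeps only byte 9, so VALUE 0 really means protocol 0.
matches_u32_proto() {
    [ "$(u32_eval 6 0xFF "$2")" -eq "$1" ]
}

# The rule itself; printed rather than executed because it needs root.
proto0_rule() {
    echo 'iptables -A INPUT -m u32 --u32 "6&0xFF=0" -j DROP'
}

for hdr in "$HDR_PROTO0" "$HDR_TCP"; do
    p=$(u32_eval 6 0xFF "$hdr")
    if matches_dash_p 0 "$hdr"; then a=match; else a=no-match; fi
    if matches_u32_proto 0 "$hdr"; then b=match; else b=no-match; fi
    echo "protocol byte $p: -p 0 -> $a, u32 6&0xFF=0 -> $b"
done
proto0_rule
```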

