LinuxQuestions.org


user1029 05-08-2006 07:04 AM

iptables
 
Hi there, I am new to iptables and I need to find out how to implement the following rules:

i) set up default policies of DROP for the input chain and REJECT for the other 2 default chains.
ii) allow any input/output traffic over the loopback interface, i.e. lo
iii) deny any incoming packets claiming to be from your IP address and log them
iv) deny any packets from/to the following networks and log them
    class A 10.0.0.0 NB class A networks have an 8-bit netmask
    class B 72.16.0.0 NB class B networks have a 16-bit netmask
    Class D 224.0.0.0 with a 4-bit netmask
    Class E 240.0.0.0 with a 5-bit netmask
v) deny incoming/outgoing packets on eth0 which have an address of 127.0.0.1 and log them


Thanks for any help.

jschiwal 05-08-2006 07:37 AM

This site has a policy against doing people's homework problems.

iptables is the program that sets up netfilters tables. There is documentation at the netfilter homepage: http://www.netfilter.org/

jschiwal 05-08-2006 07:48 AM

Also check in /usr/share/doc/packages/iptables/packet-filtering-HOWTO.html. This directory may also contain documentation on NAT.

Linux~Powered 05-08-2006 12:15 PM

This should work for you.

Quote:

setup default policies of DROP for the input chain and REJECT for the other 2 default chains.
iptables -F
iptables -X
iptables -N LOG_DROP

#Default policies..

iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT

Quote:

deny any packets from/to the following networks and log them
#Log rules...

iptables -A INPUT -i eth0 -s 10.0.0.0/8 -j LOG_DROP
iptables -A INPUT -i eth0 -s 224.0.0.0/4 -j LOG_DROP
iptables -A INPUT -i eth0 -s 240.0.0.0/5 -j LOG_DROP
iptables -A INPUT -i eth0 -s 172.16.0.0/12 -j LOG_DROP

#Drop them...

iptables -A INPUT -i eth0 -s 10.0.0.0/8 -j DROP
iptables -A INPUT -i eth0 -s 224.0.0.0/4 -j DROP
iptables -A INPUT -i eth0 -s 240.0.0.0/5 -j DROP
iptables -A INPUT -i eth0 -s 172.16.0.0/12 -j DROP

Quote:

ii) allow any input/output traffic over the loopback interface ie lo
# Allow loopback connections.

iptables -A INPUT -i lo -j ACCEPT

# Rules for logging packets.

iptables -A LOG_DROP -j LOG --log-prefix "[IPTABLES DROP] : " --log-tcp-options --log-ip-options --log-level 3


Edit your syslog.conf file by adding these two lines...

# Log rc.firewall packets.
kern.3 /var/log/firewall

Restart syslogd and you're done.
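The answer above logs and drops in two separate rule sets and only covers the INPUT side. As an added example (not code from the thread or from either poster), the script below builds the whole rule set the question asks for, with a single LOG_DROP chain that logs and then drops, rate-limited so a flood cannot fill /var/log/firewall. It prints the iptables commands by default and only runs them when APPLY=1 is set (which needs root). WAN_IF and MY_IP are assumed placeholders; 192.0.2.10 is a constructed TEST-NET-1 address, not anyone's real IP.

```shell
#!/bin/sh
# Added example, not from the thread: builds the rule set from the question as a
# dry run. Prints the iptables commands by default; APPLY=1 runs them (root).
# WAN_IF and MY_IP are assumed placeholders, not values from the thread.

IPT=${IPT:-iptables}
WAN_IF=${WAN_IF:-eth0}
MY_IP=${MY_IP:-192.0.2.10}    # constructed placeholder (TEST-NET-1); use the host's real address

# ipt: execute one iptables command, or print it when not applying
ipt() {
    if [ "${APPLY:-0}" = 1 ]; then
        "$IPT" "$@"
    else
        printf '%s %s\n' "$IPT" "$*"
    fi
}

# Networks from requirement iv), with the classful prefix lengths the question gives.
# 172.16.0.0/12 is the private class B range (the question writes "72.16.0.0").
BAD_NETS="10.0.0.0/8 172.16.0.0/12 224.0.0.0/4 240.0.0.0/5"

build_rules() {
    ipt -F
    ipt -X
    ipt -N LOG_DROP

    # i) Default policies. A built-in chain's policy can only be ACCEPT or DROP,
    #    so "REJECT" for FORWARD/OUTPUT is a DROP policy plus a final REJECT rule.
    ipt -P INPUT DROP
    ipt -P FORWARD DROP
    ipt -P OUTPUT DROP

    # LOG_DROP logs (rate-limited so a flood cannot fill the log) and then drops,
    # so each filter rule needs one jump instead of a LOG line plus a DROP line.
    ipt -A LOG_DROP -m limit --limit 5/min --limit-burst 10 -j LOG \
        --log-prefix "[IPTABLES DROP] : " --log-tcp-options --log-ip-options --log-level 3
    ipt -A LOG_DROP -j DROP

    # ii) Loopback traffic in both directions
    ipt -A INPUT -i lo -j ACCEPT
    ipt -A OUTPUT -o lo -j ACCEPT

    # iii) Inbound packets on the WAN side claiming to come from this host (spoofed source)
    ipt -A INPUT -i "$WAN_IF" -s "$MY_IP" -j LOG_DROP

    # iv) Listed networks: inbound by source address, outbound by destination address
    for net in $BAD_NETS; do
        ipt -A INPUT -i "$WAN_IF" -s "$net" -j LOG_DROP
        ipt -A OUTPUT -o "$WAN_IF" -d "$net" -j LOG_DROP
    done

    # v) Loopback addresses seen on the WAN interface either way. The question names
    #    127.0.0.1; the whole 127.0.0.0/8 block is equally invalid on a real interface.
    ipt -A INPUT -i "$WAN_IF" -s 127.0.0.0/8 -j LOG_DROP
    ipt -A INPUT -i "$WAN_IF" -d 127.0.0.0/8 -j LOG_DROP
    ipt -A OUTPUT -o "$WAN_IF" -s 127.0.0.0/8 -j LOG_DROP
    ipt -A OUTPUT -o "$WAN_IF" -d 127.0.0.0/8 -j LOG_DROP

    # Traffic you actually want: replies to connections this host opened, and locally
    # originated traffic. Tighten the OUTPUT rule to specific ports if required.
    ipt -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    ipt -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

    # The "REJECT" half of requirement i): anything not accepted above is rejected
    ipt -A FORWARD -j REJECT
    ipt -A OUTPUT -j REJECT
}

build_rules
```

Run it once without APPLY to read the plan, then `APPLY=1 sh firewall.sh` as root. Logged packets still reach syslog with the "[IPTABLES DROP]" prefix at level 3, so the syslog.conf line above keeps working; the limit match only caps how many lines per minute a flood can produce.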

user1029 05-15-2006 08:07 AM

Thank you Linux~Powered so much. I really appreciate your help.

