LinuxQuestions.org


ForumKid 01-02-2002 06:12 AM

Should I use the eth0 IP address or my internet IP address when applying iptables
 
#Drop traceroute packets
iptables -A INPUT -s 0/0 -d 192.168.2.2 -p udp --dport 33435:33525 -j DROP

192.168.2.2 is the IP address of my machine.
Is the above statement correct, or should I be using my internet IP that points to this machine? For example, if you go to 65.125.111.33, you would be redirected to my machine 192.168.2.2.

Am I making sense?

Thank you.

Mik 01-03-2002 05:42 AM

Depends what kind of traffic you want to block. That rule says you block things with destination IP 192.etc... People accessing your machine from the outside will refer to it using the 65.etc.. IP, so that rule will never block those packets. So in this case I'm assuming you want to block those ports for outside traffic, so you will have to use the other IP address.

raz 01-03-2002 08:54 AM

The correct entry would be:

iptables -A INPUT -p udp -i eth0 -s 0/0 -d 0/0 --dport 33434:33600 -j LOG --log-level info --log-prefix "** TRACEROUTED **"
iptables -A INPUT -p udp -i eth0 -s 0/0 -d 0/0 --dport 33434:33600 -j DROP


eth0 is your external address.
Always stop packets with the device and IP, as IP addresses can be faked.

/raz
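
An added example, not part of any post in this thread: a small Python model of how the match fields in the two DROP rules quoted above select packets. It models only -i, -d, -p and --dport; the packets are constructed, and the helper names are assumptions for illustration. Which destination address reaches the INPUT chain depends on where the address translation happens, so both cases are included.

```python
import ipaddress
import shlex

# The DROP rules as posted in the thread (ForumKid's, then raz's).
RULE_BY_IP = "iptables -A INPUT -s 0/0 -d 192.168.2.2 -p udp --dport 33435:33525 -j DROP"
RULE_BY_IFACE = "iptables -A INPUT -p udp -i eth0 -s 0/0 -d 0/0 --dport 33434:33600 -j DROP"

def _net(spec):
    # iptables accepts the shorthand 0/0; the ipaddress module does not.
    return ipaddress.ip_network("0.0.0.0/0" if spec == "0/0" else spec)

def parse_rule(line):
    """Parse the subset of iptables options used in the thread into a dict."""
    tokens = shlex.split(line)[1:]               # drop the leading "iptables"
    opts = dict(zip(tokens[0::2], tokens[1::2]))  # every option here takes one value
    low, _, high = opts["--dport"].partition(":")
    return {
        "iface": opts.get("-i"),                 # None means any interface
        "dst": _net(opts.get("-d", "0/0")),
        "proto": opts["-p"],
        "ports": range(int(low), int(high or low) + 1),
    }

def matches(rule, pkt):
    """True if the packet satisfies every match field of the rule."""
    return (rule["iface"] in (None, pkt["iface"])
            and ipaddress.ip_address(pkt["dst"]) in rule["dst"]
            and pkt["proto"] == rule["proto"]
            and pkt["dport"] in rule["ports"])

# Constructed packets: what INPUT could see for an incoming UDP probe.
PACKETS = {
    "to LAN address": {"iface": "eth0", "dst": "192.168.2.2", "proto": "udp", "dport": 33440},
    "to public address": {"iface": "eth0", "dst": "65.125.111.33", "proto": "udp", "dport": 33440},
    # 33434 is inside raz's range but just below the start of ForumKid's.
    "port 33434": {"iface": "eth0", "dst": "192.168.2.2", "proto": "udp", "dport": 33434},
}

def verdicts(rule_line):
    """Map each constructed packet to whether the rule would match (and DROP) it."""
    rule = parse_rule(rule_line)
    return {name: matches(rule, pkt) for name, pkt in PACKETS.items()}

if __name__ == "__main__":
    for label, line in (("match by IP", RULE_BY_IP), ("match by interface", RULE_BY_IFACE)):
        print(label, verdicts(line))
```
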

