hdinn 04-01-2010 05:50 AM

Iptables --limit-burst problems
Hello everybody,

Actually I'm doing an engineering training at the SAGEM company; I'm trying to develop an application that is able to disturb the IP network. My idea was to mount 2 Network Interface Cards (NICs), make a bridge to pass the IP flow, and exploit the Netfilter firewall using the iptables command. The application has to import a text file containing a binary array like this one:

0 1 0 : 0 corresponds to iptables -p ip ACCEPT
1 1 1 : 1 corresponds to iptables -p ip DROP
0 0 1

==> So the expected result is to have 5 IP datagrams dropped.

My idea was: if 0 --> iptables -A FORWARD -p ip -m limit --limit-burst 1 -j ACCEPT
if 1 --> iptables -A FORWARD -p ip -m limit --limit-burst 1 -j DROP

The problem was: after executing the application and parsing the text file,
with iptables -L -v I have:


-A FORWARD -p ip -m limit --limit-burst 1 -j ACCEPT
-A FORWARD -p ip -m limit --limit-burst 1 -j DROP
-A FORWARD -p ip -m limit --limit-burst 1 -j ACCEPT


which is logical, but when I sniff with Wireshark I find that more packets are dropped (6, 7 or 8 are dropped), as if I had put more DROP rules.
And sometimes I find the exact value (usually 5 dropped).

So I didn't arrive at an explanation for this problem.

Please help, somebody.
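The following is an added example, not code from the original post. It models how the Netfilter `limit` match evaluates a chain of rules like the ones above: each `-m limit` rule is a token bucket with capacity `--limit-burst` that refills at `--limit` (iptables defaults to 3/hour when `--limit` is not given, as in the rules quoted above). The model uses floating-point credit rather than the kernel's jiffies-based integer arithmetic, which is a simplifying assumption; the rule order, bucket capacity and default rate are real iptables semantics. It shows that a rule with `--limit-burst 1` matches one packet, then falls silent until its bucket refills, so the packets that no rule matches go to the chain policy, and the number dropped depends on packet timing and on the FORWARD policy, not only on how many DROP rules are in the chain.

```python
"""Token-bucket model of the iptables/Netfilter `limit` match.

Added example (assumed simplification of xt_limit): each rule keeps a credit
bucket of size `burst` that refills at `rate_per_sec`; a packet matches the
rule only while at least one full credit is available.
"""
from typing import List

DEFAULT_RATE_PER_SEC = 3 / 3600.0   # iptables default: --limit 3/hour


class LimitRule:
    """One `-A FORWARD -p ip -m limit --limit-burst N -j TARGET` rule."""

    def __init__(self, target: str, burst: int = 1,
                 rate_per_sec: float = DEFAULT_RATE_PER_SEC) -> None:
        self.target = target            # "ACCEPT" or "DROP"
        self.burst = burst              # --limit-burst
        self.rate_per_sec = rate_per_sec
        self.credit = float(burst)      # the bucket starts full
        self.last_seen = 0.0            # time of the previous evaluation

    def matches(self, now: float) -> bool:
        """Refill the bucket for the elapsed time, then try to spend one credit."""
        elapsed = max(0.0, now - self.last_seen)
        self.credit = min(float(self.burst),
                          self.credit + elapsed * self.rate_per_sec)
        self.last_seen = now
        if self.credit >= 1.0:
            self.credit -= 1.0
            return True
        return False


def rules_from_array(text: str) -> List[LimitRule]:
    """Build the FORWARD chain from the poster's binary array: 0 -> ACCEPT, 1 -> DROP."""
    rules = []
    for token in text.split():
        if token == "0":
            rules.append(LimitRule("ACCEPT"))
        elif token == "1":
            rules.append(LimitRule("DROP"))
        else:
            raise ValueError(f"unexpected token in array: {token!r}")
    return rules


def forward_chain(rules: List[LimitRule], packet_times: List[float],
                  policy: str = "ACCEPT") -> List[str]:
    """Return the verdict for each packet: first matching rule wins,
    otherwise the chain policy applies (first-match semantics of a chain)."""
    verdicts = []
    for t in packet_times:
        for rule in rules:
            if rule.matches(t):
                verdicts.append(rule.target)
                break
        else:
            verdicts.append(policy)
    return verdicts


# Constructed sample input: the array from the post (3 x 3 bits, 5 ones).
SAMPLE_ARRAY = "0 1 0\n1 1 1\n0 0 1"


def dropped_for_burst(policy: str = "ACCEPT") -> int:
    """20 packets one second apart: every rule is consumed once, then the
    remaining packets all fall through to the policy."""
    rules = rules_from_array(SAMPLE_ARRAY)
    verdicts = forward_chain(rules, [float(i) for i in range(20)], policy)
    return verdicts.count("DROP")


def dropped_for_slow_traffic(policy: str = "ACCEPT") -> int:
    """20 packets 30 minutes apart: the first ACCEPT rule has refilled its
    single credit each time, so it matches every packet and nothing is dropped."""
    rules = rules_from_array(SAMPLE_ARRAY)
    verdicts = forward_chain(rules, [i * 1800.0 for i in range(20)], policy)
    return verdicts.count("DROP")


if __name__ == "__main__":
    print("burst, policy ACCEPT:", dropped_for_burst("ACCEPT"))
    print("burst, policy DROP:  ", dropped_for_burst("DROP"))
    print("slow,  policy ACCEPT:", dropped_for_slow_traffic("ACCEPT"))
```

Run as a script it prints the drop count for the three scenarios. The point for the setup in the post is that `-m limit --limit-burst 1` is a rate limiter, not a "drop exactly this packet" counter: checking the chain policy (`iptables -L FORWARD -v` shows it in the header) and the packet timing on the bridge is the first thing to verify when the observed drop count differs from the number of DROP rules.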

hdinn 04-01-2010 01:23 PM

Please answer me if there is a solution :))))

