Welcome to the most active Linux Forum on the web.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 01-02-2002, 07:12 AM   #1
Registered: Dec 2001
Posts: 195

Rep: Reputation: 30
Should i use the eth0 ip address of my internet ip address when applying iptables

#Drop traceroute packets
iptables -A INPUT -s 0/0 -d -p udp --dport 33435:33525 -j DROP is the ip address of my machine.
Is the above statement correct or should i be using my internet ip that points to this machine. For example if you go to, you would be redirected to my machine

Am I making sense?

Thank you.:smash:
Old 01-03-2002, 06:42 AM   #2
Senior Member
Registered: Dec 2001
Location: The Netherlands
Distribution: Ubuntu
Posts: 1,316

Rep: Reputation: 47
Depends what kind of traffic you want to block that rule says you block things with destination ip 192.etc... People accessing your machine from the outside will refer to it using the 65.etc.. ip so that rule will never block those packets. So in this case I'm assuming you want to block those ports for outside traffic so you will have to use the other ip address.
Old 01-03-2002, 09:54 AM   #3
Registered: Apr 2001
Location: London
Posts: 408

Rep: Reputation: 31
The correct entry would be:

iptables -A INPUT -p udp -i eth0 -s 0/0 -d 0/0 --dport 33434:33600 -j LOG --log-level info --log-prefix "** TRACEROUTED **"
iptables -A INPUT -p udp -i eth0 -s 0/0 -d 0/0 --dport 33434:33600 -j DROP

eth0 is your external address.
Always stop packets with the device and ip as ip addresses can be faked.



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Same address on eth0 as eth1 matrixcubed Linux - Networking 2 05-23-2005 01:25 PM
how to get ip address, broadcast address, mac address of a machine sumeshstar Programming 2 03-12-2005 05:33 AM
Eth0 up, has ip address, but cant connect to anything! Munix Linux - Distributions 1 04-10-2004 09:34 PM
My eth0 won't get an IP address on my LAN poeta_boy Linux - Networking 4 01-29-2004 04:00 PM
eth0 and host address tommytomato Linux - Newbie 2 12-03-2003 05:29 PM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:42 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration