In my firewall script I create a chain dedicated to spoofed packets:

EXTIF="eth0"
LOOPBACK="127.0.0.0/8"
CLASS_A="10.0.0.0/8"
CLASS_B="172.16.0.0/12"
CLASS_C="192.168.0.0/16"
CLASS_D_MULTICAST="224.0.0.0/4"
CLASS_E_RESERVED_NET="240.0.0.0/5"

# Dedicated chain for packets arriving on the external interface with a spoofed source.
# NOTE: EGO is not defined in this snippet; it must be set before these rules are run.
iptables -N spoof
iptables -A spoof -i $EXTIF -s $EGO -j DROP
# Private (RFC 1918) source ranges
iptables -A spoof -i $EXTIF -s $CLASS_A -j DROP
iptables -A spoof -i $EXTIF -s $CLASS_B -j DROP
iptables -A spoof -i $EXTIF -s $CLASS_C -j DROP
# Multicast and reserved source ranges
iptables -A spoof -i $EXTIF -s $CLASS_D_MULTICAST -j DROP
iptables -A spoof -i $EXTIF -s $CLASS_E_RESERVED_NET -j DROP
# Packets addressed to loopback must never arrive from outside
iptables -A spoof -i $EXTIF -d $LOOPBACK -j DROP
# Send everything arriving on the external interface through the chain
iptables -A INPUT -i $EXTIF -j spoof

You could use this rule too. It is a good thing to log packets before dropping them.

On Fri, 24 Sep 2004 23:04:06 +1000, Daniel Pittman <[EMAIL PROTECTED]> wrote:
> On 24 Sep 2004, Niclas Englund wrote:
> > Thanks for the answer. But why does he want to act like he belongs to
> > my network???
>
> Because your firewall may incorrectly permit those packets through,
> resulting in your firewall rules being (partially) bypassed.
>
> > Can I get his real IP address?
>
> No. Your ISP, and every other ISP in the chain, may be able to, but it
> is extremely non-trivial.
>
> > If I didn't have this firewall would my router think that he belongs
> > to my network???
>
> Yes, in many cases.
>
> Also, this situation may occur in cases where the routing is temporarily
> broken, and your router sent the packets out the wrong interface where
> they are correctly sent back. That is rather uncommon, however.
>
> Daniel
> --
> I Dream Of Rain
> I Dream Of Gardens In The Desert Sand
> I Wake In Pain
> I Dream Of Love As Time Runs Through My Hand
> -- Sting, _Desert Rose_
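The suggestion above to log spoofed packets before dropping them, as an added example that is not part of the original post: the function prints the spoof chain with a rate-limited LOG rule ahead of each DROP so the rules can be reviewed before they are applied. The function names, the log prefix, the 5/min limit and the sample address 203.0.113.7 are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: print the anti-spoof chain with a LOG rule before every DROP.
# Nothing is applied here; the output is plain iptables commands for review.

# Source ranges taken from the post. The host's own address is an optional
# argument because the posted snippet never defines $EGO.
BOGON_SOURCES="10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 224.0.0.0/4 240.0.0.0/5"
LOOPBACK="127.0.0.0/8"

# emit_pair IFACE MATCH TAG: one LOG rule, then the DROP with the same match.
emit_pair() {
    # -m limit stops a flood of spoofed packets from filling the logs
    echo "iptables -A spoof -i $1 $2 -m limit --limit 5/min -j LOG --log-prefix \"SPOOF $3: \""
    echo "iptables -A spoof -i $1 $2 -j DROP"
}

# spoof_rules EXTIF [OWN_ADDR]: print the complete chain definition.
spoof_rules() {
    extif=$1
    own=${2:-}
    echo "iptables -N spoof"
    if [ -n "$own" ]; then
        # Packets claiming to come from this host itself
        emit_pair "$extif" "-s $own" "self"
    fi
    for net in $BOGON_SOURCES; do
        emit_pair "$extif" "-s $net" "src"
    done
    # Packets addressed to loopback arriving on the external interface
    emit_pair "$extif" "-d $LOOPBACK" "lo-dst"
    echo "iptables -A INPUT -i $extif -j spoof"
}

# Constructed sample call: eth0 as in the post, 203.0.113.7 as a placeholder
# for the host's own external address.
spoof_rules eth0 203.0.113.7
```

After reviewing the printed rules, piping the output to `sh` as root applies them; matches then show up in the kernel log with the `SPOOF` prefix.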

