I have been trying to get iptables set up on my gateway machine, but it isn't
working like I think it should. I have the following entry in the
rc.firewall script to block incoming SYN packets:
EXT_IF="ppp0"
IPTABLES="//sbin/iptables"
$IPTABLES -A INPUT -i $EXT_IF -p tcp ! --syn -j ACCEPT
yet ethereal shows these getting through:
Source port: 1302 (1302)
Destination port: 135 (135)
Sequence number: 2684291305
Header length: 28 bytes
Flags: 0x0002 (SYN)
0... .... = Congestion Window Reduced (CWR): Not set
.0.. .... = ECN-Echo: Not set
..0. .... = Urgent: Not set
...0 .... = Acknowledgment: Not set
.... 0... = Push: Not set
.... .0.. = Reset: Not set
.... ..1. = Syn: Set
.... ...0 = Fin: Not set
I also have the following:
$IPTABLES -A FORWARD -i $EXT_IF -p tcp --dport 135 -s 0.0.0.0/0 -j DROP
which should block packets destined for port 135, but also seems ineffective.
What might be the problem? The above is just a snippet from the rc.firewall
script. I can post it in its entirety if that would help.
--
Thomas K. Gamble
[EMAIL PROTECTED]
Registered Linux User #270415
The fear of the Lord leads to life,
and he who has it shall abide in satisfaction;
he will not be visited with evil.
(Proverbs 19:23)
20:45:47 up 3 days, 11:00, 5 users, load average: 0.00, 0.00, 0.07
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
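As an added example (not the poster's rc.firewall and not part of the original message): the two posted rules beside a hardened rule set. The posted INPUT rule only ACCEPTs packets that are not SYNs; nothing ever DROPs the SYNs, so they fall through to the chain's default policy, which is ACCEPT unless it has been changed. The FORWARD rule only sees packets routed through the gateway to the LAN; a SYN to port 135 on the gateway itself is handled by INPUT. The interface names, the LAN range 192.168.1.0/24 and the internal interface eth0 are assumptions. Without the `apply` argument (or without root) the script prints the rules instead of loading them.

```shell
#!/bin/sh
# Added example, not the original poster's script. Assumed layout: ppp0 is the
# external link, eth0 faces a LAN of 192.168.1.0/24, and the gateway itself
# needs no inbound service from ppp0.
EXT_IF="${EXT_IF:-ppp0}"
INT_IF="${INT_IF:-eth0}"
LAN="${LAN:-192.168.1.0/24}"
IPTABLES="${IPTABLES:-/sbin/iptables}"

# Dry run unless invoked as "apply": print the commands instead of running them.
if [ "${1:-}" != "apply" ]; then
    IPTABLES="echo $IPTABLES"
fi

# The rules as posted. "! --syn -j ACCEPT" accepts every packet that is NOT a
# SYN and does nothing with the SYNs, which fall through to the INPUT policy.
# The FORWARD rule never matches traffic addressed to the gateway itself.
weak_rules() {
    $IPTABLES -A INPUT -i "$EXT_IF" -p tcp ! --syn -j ACCEPT
    $IPTABLES -A FORWARD -i "$EXT_IF" -p tcp --dport 135 -s 0.0.0.0/0 -j DROP
}

# Hardened set: deny by default, let replies back in, and drop new inbound
# connections on the external interface explicitly. With a DROP policy the
# explicit "--syn -j DROP" is redundant, but it is what the poster intended
# and it keeps a per-rule packet counter for "iptables -L INPUT -n -v".
hardened_rules() {
    $IPTABLES -F INPUT
    $IPTABLES -F FORWARD
    $IPTABLES -P INPUT DROP
    $IPTABLES -P FORWARD DROP
    $IPTABLES -A INPUT -i lo -j ACCEPT
    $IPTABLES -A INPUT -i "$EXT_IF" -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPTABLES -A INPUT -i "$EXT_IF" -p tcp --syn -j DROP
    $IPTABLES -A INPUT -i "$EXT_IF" -p tcp --dport 135 -j DROP
    # LAN hosts may go out; only replies to their connections come back in.
    $IPTABLES -A FORWARD -i "$INT_IF" -s "$LAN" -o "$EXT_IF" -j ACCEPT
    $IPTABLES -A FORWARD -i "$EXT_IF" -o "$INT_IF" -m state --state ESTABLISHED,RELATED -j ACCEPT
    $IPTABLES -A FORWARD -i "$EXT_IF" -p tcp --dport 135 -j DROP
}

case "${1:-}" in
    apply)
        hardened_rules
        ;;
    *)
        echo "# dry run (run as root with 'apply' to load the hardened set)"
        echo "# -- rules as posted --"
        weak_rules
        echo "# -- hardened rules --"
        hardened_rules
        ;;
esac
```

After loading, `iptables -L INPUT -n -v` shows the policy and per-rule counters; if the SYN-drop counter stays at zero while ethereal still sees SYNs arriving, the packets are not reaching INPUT on that interface and the capture point or interface name should be rechecked.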