Re: Rule for PROTO=139? - Rob Sterenborg (lists)

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Rob Sterenborg (lists)" <lists@sterenborg.info>
To: "Walter H." <walter.h@mathemainzel.info>, netfilter@vger.kernel.org
Subject: Re: Rule for PROTO=139?
Date: Tue, 6 Sep 2016 13:20:55 +0200	[thread overview]
Message-ID: <57CEA697.9080308@sterenborg.info> (raw)
In-Reply-To: <562f1fbc3e658613eafdd2c6f5200be4.1473159539@squirrel.mail>

On 2016-09-06 12:58, Walter H. wrote:
> Hello,
>
> does anybody know with which rule I can catch these entries:
>
> [317607.438061] IN=br0 OUT= MAC=ff:ff:ff:ff:ff:ff:4c:72:b9:56:16:3e:08:00
> SRC=0.0.0.0 DST=255.255.255.255 LEN=72 TOS=0x00 PREC=0x00 TTL=255 ID=1624
> PROTO=139

According to my /etc/protocols, protocol 139 is called 'hip' (Host 
Identity Protocol). So, something like

     iptables -A INPUT -i br0 -p 139 -j DROP

or

     iptables -A INPUT -i br0 -p hip -j DROP

See also: man iptables

--
Rob

next prev parent reply	other threads:[~2016-09-06 11:20 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-09-06 10:58 Rule for PROTO=139? Walter H.
2016-09-06 11:20 ` Rob Sterenborg (lists) [this message]
2016-09-06 11:25 ` Andreas Hainke
     [not found] ` <3e24e1f4a88741f0979847f78ef0ecc1@CCDEX021.corp.corpcommon.com>
2016-09-06 12:03   ` Walter H.
     [not found]     ` <d563e5c593e3405c8eca5c001b4b25e1@CCDEX021.corp.corpcommon.com>
2016-09-06 17:41       ` Walter H.

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=57CEA697.9080308@sterenborg.info \
    --to=lists@sterenborg.info \
    --cc=netfilter@vger.kernel.org \
    --cc=walter.h@mathemainzel.info \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.