From: Todd L <00todd@gmail.com>
To: netfilter@lists.netfilter.org
Subject: Public IP Confusion
Date: Wed, 17 Nov 2004 16:52:24 -0500
Message-ID: <cbbdce6c04111713523d175e8f@mail.gmail.com>

Hi everyone,

This is my first post to this list. 

I am fairly new to netfilter and iptables and I wanted to do the
following setup to protect a class C network from the occasional IP
Fragment, SYN and similar DDOS attacks.

My ISP has a router which is .1 on the network and my gateway for the
machines on the class C. The ISP gives me an ethernet handoff which
goes into my switch and my servers are plugged into that switch with
gateway of 1 and netmask of 255.255.255.0.

I would like to place a linux box using iptables in between the
switch and the ISP ethernet handoff to block attackers' IP addresses.

What I thought I could do is have ISP ethernet to Eth0 on linux box.
Eth1 on linux box to switch and then somehow make the linux box
transparent to the network. From what I have read it almost seems like
I need a mix of SNAT and NAT but I am unsure on how to proceed. I have
read a lot of the documentation and HOWTOs and I have not found any
examples of this type of a scenario.

Any Advice?

Thank you,

Todd

