All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Burnside, Andrew" <Andrew.Burnside@thalesgroup.com>
To: lartc@vger.kernel.org
Subject: [LARTC] Re: looking for bridging/filtering info
Date: Tue, 24 Jun 2003 13:25:35 +0000	[thread overview]
Message-ID: <marc-lartc-105646171506592@msgid-missing> (raw)

For information about ipchains/iptables see www.netfilter.org
The best up to date description of bridging I've seen is at
ebtables.sourceforge.net, lots of nice diagrams showing the interaction of
the bridge-nf code, ebtables and iptables - see doc ebtables/iptables
interaction on Linux based bridge. This should help clarify what order
things occur in.
Most of this code comes in the 2.5 kernel source tree, though patches are
available for 2.4.
Hope that this helps
Andrew
[Original message]
I'm using a linux bridge with ipchains (will be setting up some shaping in
the near future), and looking for any current doc on specifics of ipchains
filtering on a bridge (e.g., input and output chains become a bit of a
paradox). At the moment, I'm looking for ways to defeat Microsoft popup
spammers from www.byebyeads.com (they want the end user to pay them an
extortion fee to stop sending popups that crash some windows apps). I
already had ports 137 through 139 blocked to all tcp/udp, and recently added
135, but there also seem to be some broadcast methods of getting in, plus
NetBEUI or variants, which will require more interesting ipchains rules.
Thus, I'm especially interested in getting more info on how (using a linux
bridge) I can stop various forms of broadcast attacks (which I am very
unclear on the nature of). D. Stimits, stimits AT attbi DOT com 

_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/

                 reply	other threads:[~2003-06-24 13:25 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=marc-lartc-105646171506592@msgid-missing \
    --to=andrew.burnside@thalesgroup.com \
    --cc=lartc@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.