Linux Advanced Routing and Traffic Control list
* [LARTC] iptables
From: Tom @ 2001-01-23 12:59 UTC (permalink / raw)
  To: lartc

Isn't it possible with iptables to filter on DSCP field?
Thanks,
Tom Aernoudt


* [LARTC] iptables
From: Wingtung.Leung @ 2001-01-23 23:33 UTC (permalink / raw)
  To: lartc

On Tue, 23 Jan 2001, Tom Aernoudt wrote:

> Isn't it possible with iptables to filter on DSCP field?

I don't know, but I think this is more a question for the Netfilter list.
You can find more info about netfilter on:

http://netfilter.kernelnotes.org

Regards.


* [LARTC] iptables
From: vanitha @ 2001-11-06  7:34 UTC (permalink / raw)
  To: lartc

Hello 

I am using iptables for denying a particular user, by using the MAC address in the FORWARD chain.
My query is: if I have to deny a user for a particular period of time, can the time option be set in iptables?
Can anyone help me set such a rule in iptables with the MAC address?

Thanks in advance,
Vanitha


* [LARTC] iptables...
From: Mikko Lyly @ 2002-05-16 10:04 UTC (permalink / raw)
  To: lartc

I know this probably does not belong on this list, but if anyone has an idea why I am getting this, please tell!

I keep getting this stuff in the kernel logs:

Forged DCC command from 10.255.128.4: 62.71.235.143:10388
Forged DCC command from 10.255.128.4: 62.71.235.143:10388
Forged DCC command from 10.255.128.4: 62.71.235.143:10347
Forged DCC command from 10.255.128.4: 62.71.235.143:10378
Forged DCC command from 10.255.128.4: 62.71.235.143:10336

I know it has something to do with mIRC's DCC, but why is it telling me that?
I changed from SNAT to MASQUERADE and that started to pop up... any way to get rid of it?



-Mikko




_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/


* Re: [LARTC] iptables...
From: Patrick McHardy @ 2002-05-16 12:52 UTC (permalink / raw)
  To: lartc

Mikko Lyly wrote:
> I know this probably does not belong on this list, but if anyone has an idea why I am getting this, please tell!
> 
> I keep getting this stuff in the kernel logs:
> 
> Forged DCC command from 10.255.128.4: 62.71.235.143:10388
> Forged DCC command from 10.255.128.4: 62.71.235.143:10388
> Forged DCC command from 10.255.128.4: 62.71.235.143:10347
> Forged DCC command from 10.255.128.4: 62.71.235.143:10378
> Forged DCC command from 10.255.128.4: 62.71.235.143:10336
> 


Hmm, IIRC the reason is the remote site not masquerading properly.
DCC transfer requests contain the IP, so if the remote person is
masquerading his traffic but not also changing the IP contained in
the DCC request, iptables refuses to accept the connection as related
because the two IPs differ. The RELATED expectation is made by
the connection tracking helper which parses the DCC requests. If it
would accept it, it would allow 10.255.128.4 to connect to some port
on your system, so someone evil could easily circumvent your packet
filter rules by sending forged DCC requests.

Bye,
Patrick
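
The comparison described in the reply above, as an added illustration that is not part of the original thread and is not the netfilter helper's source. The names `check_dcc` and `dcc_verdict` are hypothetical, the sample message is constructed, and the code assumes the DCC request carries its IPv4 address as a single decimal 32-bit integer followed by a decimal port.

```c
#include <stdio.h>
#include <stdint.h>
#include <string.h>
#include <arpa/inet.h>

/* Hypothetical verdicts for one CTCP DCC request. */
enum dcc_verdict { DCC_NOT_DCC, DCC_MALFORMED, DCC_OK, DCC_FORGED };

/*
 * payload: IRC text containing "\001DCC <type> <arg> <ip> <port> ..."
 * src_ip:  source address of the IRC connection as the firewall sees it
 * On DCC_OK or DCC_FORGED, *dcc_ip (host order) and *dcc_port are set.
 */
enum dcc_verdict check_dcc(const char *payload, const char *src_ip,
                           uint32_t *dcc_ip, uint16_t *dcc_port)
{
    const char *p = strstr(payload, "\001DCC ");
    char type[16], arg[256];
    unsigned long ip, port;
    struct in_addr src;

    if (!p)
        return DCC_NOT_DCC;
    /* Address and port are both sent as plain decimal numbers. */
    if (sscanf(p + 5, "%15s %255s %lu %lu", type, arg, &ip, &port) != 4)
        return DCC_MALFORMED;
    if (ip > 0xFFFFFFFFUL || port == 0 || port > 65535)
        return DCC_MALFORMED;
    if (inet_pton(AF_INET, src_ip, &src) != 1)
        return DCC_MALFORMED;

    *dcc_ip = (uint32_t)ip;
    *dcc_port = (uint16_t)port;
    /* Only the sender's own address may open a RELATED expectation. */
    return ntohl(src.s_addr) == *dcc_ip ? DCC_OK : DCC_FORGED;
}

int main(void)
{
    /* Constructed sample: 1044900751 is 62.71.235.143 as one integer. */
    const char *msg =
        "PRIVMSG peer :\001DCC SEND file.txt 1044900751 10388 4096\001";
    uint32_t ip;
    uint16_t port;

    if (check_dcc(msg, "10.255.128.4", &ip, &port) == DCC_FORGED)
        printf("Forged DCC command from 10.255.128.4: %u.%u.%u.%u:%u\n",
               (unsigned)(ip >> 24), (unsigned)((ip >> 16) & 255),
               (unsigned)((ip >> 8) & 255), (unsigned)(ip & 255),
               (unsigned)port);
    return 0;
}
```
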

