[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Curious about iptables and ping behavior

On Fri, 12 Apr 2002 22:32:59 -0400 (EDT)
Nick Busigin <nick@xwing.org> wrote:

> I'm a little puzzled by the following behavior...
> 
> iptables -I INPUT x -s 216.151.93.0/24 -j DROP
> iptables -I INPUT x -d 216.151.93.0/24 -j DROP
> 
> As I understand it, those rules should block anything coming or going
> to/from the specified IP address range. 
 
You need to apply those rules on all chains, INPUT, OUTPUT, and FORWARD in order to block all incomming and outgoing traffic on your host.

> While ping (at the command line) appeared to not return anything, my DSL
> modem lights and tcpdump showed a different story.  This looks pretty
> strange to me. 
> 
> Anyone willing to shed some light on this behavior?
> 
>                                      Nick

A DSL modem is both a modem and a router (some even have bridging functionality). Your ICMP echo request flow's through the multihomed host and then back again before being dropped by IPTables. tcpdump is simply seing what's on the line between you and your router :)

Stef


-- 
To UNSUBSCRIBE, email to debian-firewall-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: