
ipchains & udp firewalling



this is driving me crazy.

i admit i suck at firewalling :)

BUT this just doesn't make sense.

what i'm trying to do with ipchains (works fine with ipfwadm) is for
example:

block port 111 both udp and tcp.

the commands i'm using are:

/sbin/ipchains -A input -s 0.0.0.0/0  -d 208.222.179.27 111 -p tcp -j DENY
/sbin/ipchains -A input -s 0.0.0.0/0  -d 208.222.179.27 111 -p udp -j DENY

the tcp filtering works fine according to nmap, but also according to nmap
udp is not filtered. i am using nmap 2.2-BETA4 on linux 2.2.14 SMP
i686 (+ow2 from www.openwall.com/linux/). i am also testing it using nmap
2.30-BETA17 with the same results.

i have tried both ipchains native and ipfwadm-wrapper, they give the same
results. i can filter tcp no problem, but udp is acting really
weird. maybe it's an nmap problem?? is there a better way to test a
udp firewall??

help! :)

nate

----------------------------------------[mailto:aphro@aphroland.org ]--
   Vice President Network Operations       http://www.firetrail.com/
  Firetrail Internet Services Limited      http://www.aphroland.org/
       Everett, WA 425-348-7336            http://www.linuxpowered.net/
            Powered By:                    http://comedy.aphroland.org/
    Debian 2.1 Linux 2.0.36 SMP            http://yahoo.aphroland.org/
-----------------------------------------[mailto:aphro@netquest.net ]--
6:08pm up 7 days, 23:48, 1 user, load average: 0.10, 0.09, 0.05

