[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

ipchains & udp firewalling

this is driving me crazy.

i admit i suck at firewalling :)

BUT this just doesn't make sense.

what im tryin to do with ipchains (works fine with ipfwadm) is for

block port 111 both udp and tcp.

the commands im using is:

/sbin/ipchains -A input -s  -d 111 -p tcp -j DENY
/sbin/ipchains -A input -s  -d 111 -p udp -j DENY

the tcp filtering works fine according to nmap, but also according to nmap
udp is not filtered, i am using nmap 2.2-BETA4 on linux 2.2.14 SMP
i686(+ow2 from www.openwall.com/linux/) i am also testing it using nmap
2.30-BETA17 with the same results.

i have tried both ipchains native and ipfwadm-wrapper, they give the same
results, i can filter tcp no problem, but udp is acting really
weird.  maybe its a nmap problem ??  is there a better way to test a
udp firewall ??

help! :)


----------------------------------------[mailto:aphro@aphroland.org ]--
   Vice President Network Operations       http://www.firetrail.com/
  Firetrail Internet Services Limited      http://www.aphroland.org/
       Everett, WA 425-348-7336            http://www.linuxpowered.net/
            Powered By:                    http://comedy.aphroland.org/
    Debian 2.1 Linux 2.0.36 SMP            http://yahoo.aphroland.org/
-----------------------------------------[mailto:aphro@netquest.net ]--
6:08pm up 7 days, 23:48, 1 user, load average: 0.10, 0.09, 0.05

Reply to: