dropping multicast protocol in iptables howto?

To: debian-user@lists.debian.org
Subject: dropping multicast protocol in iptables howto?
From: "john smith" <inquirer23@hotmail.com>
Date: Fri, 17 Aug 2001 23:01:16 +0000
Message-id: <[🔎] F223uRWCy7rjcxtniFK00000c74@hotmail.com>

I would like to know how to drop multicast protocols in iptables since I getthis annoying message "IN=ppp0 OUT= MAC= SRC=209.247.5.159 DST=224.0.0.1LEN=28 TOS=0x00 PREC=0x00 TTL=1 ID=16163 PROTO=2"when logged into the console. I have attached my firewall script if itcould help...


thanks

#Point this to your copy of ip_tables
IPT="/sbin/iptables"

#Load the module.
modprobe ip_tables

#Flush old rules, delete the firewall chain if it exists
# $IPT -F
# $IPT -F -t nat
# $IPT -X firewall

#Setup Masquerading. Change the IP to your internal network and uncomment
#this in order to enable it.
$IPT -A POSTROUTING -t nat -s 192.168.0.0/24 -j MASQUERADE
# $IPT -A  POSTROUTING -t nat -o ppp0 -j MASQUERADE
$IPT -P FORWARD ACCEPT
echo 1 > /proc/sys/net/ipv4/ip_forward
$IPT -A INPUT -i ppp0 -p tcp --syn -j DROP
$IPT -A INPUT -s 199.95.206.210 -j DROP
$IPT -A OUTPUT -s 209.247.5.159 -j DROP
$IPT -A INPUT -s 209.247.5.159 -j DROP


#Set up the firewall chain
$IPT -N firewall
$IPT -A firewall -j LOG --log-level info --log-prefix "Firewall:"
$IPT -A firewall -j DROP



#Accept ourselves
#$IPT -A INPUT -s 127.0.0.1/32 -d 127.0.0.1/32 -j ACCEPT
#If you're using IP Masquerading, change this IP to whatever your internl
#IP addres is and uncomment it
#$IPT -A INPUT -s 192.168.0.1/32 -d 0/0 -j ACCEPT

#Accept DNS, 'cause it's warm and friendly
$IPT -A INPUT -p udp --source-port 53 -j ACCEPT
$IPT -A INPUT -p tcp --source-port 113 -j ACCEPT
$IPT -A INPUT -p tcp --destination-port 113 -j ACCEPT

#Allow ftp to send data back and forth.

$IPT -A INPUT -p tcp ! --syn --source-port 20 --destination-port 1024:65535-j ACCEPT


#Accept SSH. Duh.
$IPT -A INPUT -p tcp --destination-port 22  -j ACCEPT

#Send everything else ot the firewall.
$IPT -A INPUT -p icmp -j firewall
$IPT -A INPUT -p tcp --syn -j firewall
$IPT -A INPUT -p udp -j firewall
$IPT -A INPUT -p igmp -j firewall

# FROM THE OLD SCRIpt
#  $IPTABLES -P FORWARD ACCEPT
#  $IPTABLES -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
#  $IPTABLES -A INPUT -i ppp0 -p tcp --syn -j DROP
#  $IPTABLES -A INPUT -s 199.95.206.210 -j DROP

#kill the IGMP proc 2 packets

$IPT -A INPUT -p igmp -d 244.0.0.1 -j DROP




_________________________________________________________________
Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp

Reply to:

Prev by Date: Re: Exim behind dhcp/ipmasq
Next by Date: Netscape and Esound
Previous by thread: IPMI support in Debian
Next by thread: Netscape and Esound
Index(es):
- Date
- Thread