Тема: IPTables: Филтриране по length (Прочетена 2003 пъти)

globaluty · « -: Feb 19, 2013, 13:06 »

Здравейте,

Може ли да ми кажете правило за филтриране по дължина на пакета? Искам да филтрирам всички пакети с големина 46 bytes.

Ако е възможно и команда, с която ако се получават повече от 5 пакета в секунда от IP адрес, също да ги дропва.

Благодаря предварително.

KPETEH · « **Отговор #1 -:** Feb 20, 2013, 13:20 »

Код:

iptables -I INPUT -p udp -m length --length 46 -j REJECT --reject-with icmp-host-unreachable

Може би ще помогне

globaluty · « **Отговор #2 -:** Feb 23, 2013, 15:03 »

Цитат на: KPETEH в Feb 20, 2013, 13:20

Код:
iptables -I INPUT -p udp -m length --length 46 -j REJECT --reject-with icmp-host-unreachable
Може би ще помогне

Провах с това, не върши работа.

laskov · « **Отговор #3 -:** Feb 23, 2013, 22:32 »

Цитат на: globaluty в Feb 23, 2013, 15:03

Цитат на: KPETEH в Feb 20, 2013, 13:20
Код:
iptables -I INPUT -p udp -m length --length 46 -j REJECT --reject-with icmp-host-unreachable
Може би ще помогне
Провах с това, не върши работа.

Как разбра?

mishomvp · « **Отговор #4 -:** Feb 24, 2013, 17:26 »

Какво си решил да филтрираш? DNS атаки?

globaluty · « **Отговор #5 -:** Feb 26, 2013, 19:59 »

Код:

Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 105.51.27.130:41764 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 160.96.49.158:41776 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 112.186.6.198:41778 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 115.141.205.180:41790 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 67.50.126.212:41792 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 144.50.87.126:41810 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 48.11.244.234:41820 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 117.141.196.212:41834 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 220.32.49.214:41832 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 50.32.39.180:41845 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 160.67.3.77:41853 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 69.244.48.243:41862 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 252.69.163.68:41865 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 11.207.50.230:41876 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 134.220.217.231:41889 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 215.169.143.202:41894 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 106.113.83.50:41902 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 119.160.130.12:41917 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 242.28.81.25:41918 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 66.115.11.105:41929 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 198.114.51.75:41933 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 87.124.186.153:41941 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 190.243.13.29:41949 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 244.79.144.112:41963 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 70.212.153.155:41969 to 95.111.44.34:27017
Mon Feb 18 20:31:55 2013; UDP; eth0; 46 bytes; source MAC address 003048672cad; from 106.133.11.210:41975 to 95.111.44.34:27017

Това съм решил да филтрирам. Всички IP адреси уж са чуждестранни, но не са. Няма и как да са, след като нямам международен канал.

KPETEH · « **Отговор #6 -:** Mar 08, 2013, 08:48 »

Я пробвай така :

Код:

iptables -I INPUT -m mac --mac-source 00:30:48:67:2c:ad -j REJECT --reject-with icmp-host-unreachable

Подобни теми
	Заглавие	Започната от	Отговора	Прегледи	Последна публикация
	Iptables Настройка на програми	mozly	1	7896	Dec 10, 2002, 23:48 от Vency
	iptables Настройка на програми	sunhater	3	7827	Apr 23, 2003, 15:02 от sunhater
	iptables Настройка на програми	dumdum	4	9125	Apr 30, 2003, 10:40 от dumdum
	IPTABLES Настройка на програми	achird	2	8809	May 20, 2003, 14:14 от achird
	Блокирване на length 104 Настройка на програми	emoto2	30	4473	May 03, 2014, 02:56 от gat3way

Автор Тема: IPTables: Филтриране по length (Прочетена 2003 пъти)

globaluty

IPTables: Филтриране по length

KPETEH

Re: IPTables: Филтриране по length

globaluty

Re: IPTables: Филтриране по length

laskov

Re: IPTables: Филтриране по length

mishomvp

Re: IPTables: Филтриране по length

globaluty

Re: IPTables: Филтриране по length

KPETEH

Re: IPTables: Филтриране по length