Firewall functions: IPTABLES
SRC=10.10.1.209 DST=10.10.113.1 LEN=84 TOS=0x00 PREC=0xC0 TTL=64 ID=61743 PROTO=ICMP TYPE=0 CODE=0 ID=5735 SEQ=0
Feb 10 18:25:50 im1 kernel: permit-logicmp:IN=eth0 OUT= MAC=00:0d:5a:04:6b:3e:00:16:d4:4d:65:a7:08:00 SRC=10.10.1.209 DST=10.10.113.1 LEN=84 TOS=0x00 PREC=0xC0 TTL=64 ID=61744 PROTO=ICMP TYPE=0 CODE=0 ID=5743 SEQ=0
PACKET ACCOUNTING
When a rule is added without a target (no -j option) it takes no action on the packet: packets that match it are only counted in the rule's packet and byte counters and then continue to the following rules and, eventually, to the chain policy. This makes iptables a simple packet-accounting instrument. The counters live in the kernel and survive only until they are zeroed, the rules are flushed or the machine reboots. Because a preceding rule that accepts or drops a packet ends its traversal of the chain, an accounting rule that must see every packet has to be placed before such rules (inserted with -I rather than appended with -A).
For example, to count all packets received on interface eth0 and addressed to the router itself (the INPUT chain), the command is:
iptables -A INPUT -i eth0
and to read the counters:
iptables -L -v
(adding -n skips the DNS lookups that print addresses as names such as "anywhere", and -x prints exact counts instead of values rounded to K or M), which produces output such as:
Chain INPUT (policy ACCEPT 1185 packets, 80642 bytes)
 pkts bytes target     prot opt in     out     source               destination
   86  3513            all  --  eth0   any     anywhere             anywhere
The target column is empty because the rule has no -j target; the policy line counts the packets that reached the end of the chain without being matched by a terminating rule.
To reset the counters of every chain in the table (iptables -Z INPUT resets only the INPUT chain):
iptables -Z
To count all packets sent by the router to the IP address 10.10.1.209 (the OUTPUT chain):
iptables -A OUTPUT -d 10.10.1.209
and to display the counters the command is again iptables -L -v, which produces:
Chain INPUT (policy ACCEPT 182 packets, 12015 bytes)
 pkts bytes target     prot opt in     out     source               destination
   86  3902            all  --  eth0   any     anywhere             anywhere

Chain OUTPUT (policy ACCEPT 154 packets, 11812 bytes)
 pkts bytes target     prot opt in     out     source               destination
    9   514            all  --  any    any     anywhere             10.10.1.209
To count packets in transit through the router (the FORWARD chain) from address 192.168.1.2 to TCP port 80 of address 217.201.1.24 the command is:
iptables -A FORWARD -p tcp --dport 80 -s 192.168.1.2 -d 217.201.1.24
(--dport is a TCP/UDP match, so -p tcp or -p udp must be given before it.)
To count UDP packets in transit from the sub-network 192.168.1.0/24 the command is:
iptables -A FORWARD -p udp -s 192.168.1.0/24
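The following script is an added example, not part of the original notes: it installs the four accounting rules discussed above and turns the counters into a report. Rules are inserted at the top of their chains with -I so that no earlier ACCEPT or DROP hides packets from them, and each is labelled with the comment match so the report does not depend on rule positions. The chain names and labels are assumptions, and the sample listing is constructed to mimic iptables -L -v -n -x output so the parser can be tried without root.

```shell
#!/bin/sh
# Added example (not from the original notes): packet accounting with
# target-less iptables rules, plus a parser for the counters they collect.
# Assumptions: the comment labels below and SAMPLE_LISTING are invented for
# the demo; interfaces and addresses are the ones used in the notes.

# Install target-less accounting rules (requires root). -I ... 1 puts each
# rule at the top of its chain: a counter appended after a DROP rule never
# sees the packets that rule discards. The comment match labels each rule.
install_accounting() {
    iptables -I INPUT   1 -i eth0                                         -m comment --comment "in-from-eth0"
    iptables -I OUTPUT  1 -d 10.10.1.209                                  -m comment --comment "out-to-10.10.1.209"
    iptables -I FORWARD 1 -p tcp --dport 80 -s 192.168.1.2 -d 217.201.1.24 -m comment --comment "web-192.168.1.2"
    iptables -I FORWARD 1 -p udp -s 192.168.1.0/24                        -m comment --comment "udp-from-lan"
}

# Parse 'iptables -L -v -n -x' output read from stdin into one line per
# labelled rule: "<chain> <label> pkts=<n> bytes=<n>".
# -n: no DNS lookups (otherwise addresses print as names such as "anywhere").
# -x: exact counters; without it large values print as e.g. 1185K, which
#     would not parse as a number.
acct_report() {
    awk '
        /^Chain / { chain = $2; next }          # remember the current chain
        $1 ~ /^[0-9]+$/ {                       # rule rows start with the pkts counter
            label = ""
            if (match($0, /\/\*.*\*\//)) {      # the comment match prints /* label */
                label = substr($0, RSTART + 2, RLENGTH - 4)
                gsub(/^ +| +$/, "", label)
            }
            if (label != "") printf "%s %s pkts=%s bytes=%s\n", chain, label, $1, $2
        }'
}

# Live snapshot: list and zero the counters in one call (-Z combined with -L
# prints the values immediately before clearing them), so repeated calls
# give traffic per interval instead of totals since the rules were loaded.
acct_interval() {
    iptables -L -v -n -x -Z | acct_report
}

# Constructed sample listing in the shape of 'iptables -L -v -n -x' output
# (counter values invented), so the parser runs without root or netfilter.
# The DROP row has no label and is therefore not an accounting rule.
SAMPLE_LISTING='Chain INPUT (policy ACCEPT 1185 packets, 80642 bytes)
    pkts      bytes target     prot opt in     out     source               destination
      86       3513            all  --  eth0   *       0.0.0.0/0            0.0.0.0/0            /* in-from-eth0 */
       0          0 DROP       tcp  --  *      *       0.0.0.0/0            10.10.1.1

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
    pkts      bytes target     prot opt in     out     source               destination
    1500     123456            udp  --  *      *       192.168.1.0/24       0.0.0.0/0            /* udp-from-lan */
      42       2520            tcp  --  *      *       192.168.1.2          217.201.1.24         tcp dpt:80 /* web-192.168.1.2 */

Chain OUTPUT (policy ACCEPT 154 packets, 11812 bytes)
    pkts      bytes target     prot opt in     out     source               destination
       9        514            all  --  *      *       0.0.0.0/0            10.10.1.209          /* out-to-10.10.1.209 */'

# Report over the constructed sample (no root needed).
acct_report_sample() {
    printf '%s\n' "$SAMPLE_LISTING" | acct_report
}

acct_report_sample
```

Run as root, install_accounting followed by periodic acct_interval calls gives per-interval byte and packet counts per label; the parser skips rows without a comment, such as ordinary DROP or ACCEPT rules. If a machine-readable dump is preferred over parsing -L output, iptables-save -c prints each rule prefixed with its [pkts:bytes] counters.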
Examples:
To block all TCP access to host 10.10.1.1 the command is: