[linux-help] Re: packet filter
Well, the packet filter does not necessarily have to be run on routers or
gateways. Packet filtering is a technique used to filter incoming/outgoing
packets, whether TCP, UDP, ICMP... You can implement it on a single machine
as well if you want to secure it. Whenever you packet filter a machine you need
to specify the interfaces yourself; a single interface can be used for filtering
bi-directional packets as well, and you can use multiple interfaces if you want to.
In Linux you can use IPChains for that. For example, if your machine has the IP
192.168.0.1 and you want to give telnet access to a machine on your net which has
the IP 192.168.0.89, you can write the following lines of chains:
-------------------------------------------
# Packet filtering: telnet server reachable only from one trusted host
TRUSTED_HOST="192.168.0.89"    # for example, any other host on your net
EXTERNAL_INTERFACE="eth0"
IPADDR="192.168.0.1"           # IP address of your eth0 interface (local machine)
UNPRIVPORTS="1024:65535"
PRIVPORTS="0:1023"
# Accept an incoming TCP packet if it comes in through eth0, its source is
# $TRUSTED_HOST, its source port is within the $UNPRIVPORTS range (telnet
# clients connect from an unprivileged port), its destination is $IPADDR and
# its destination port is 23.
ipchains -A input -i $EXTERNAL_INTERFACE -p tcp \
    -s $TRUSTED_HOST $UNPRIVPORTS -d $IPADDR 23 -j ACCEPT
# Accept an outgoing TCP packet if it goes out through eth0, its source is
# $IPADDR, its source port is 23, its destination is $TRUSTED_HOST and its
# destination port is within the $UNPRIVPORTS range. "! -y" excludes SYN-only
# packets: the server only answers connections, it never initiates them.
ipchains -A output -i $EXTERNAL_INTERFACE -p tcp ! -y \
    -s $IPADDR 23 -d $TRUSTED_HOST $UNPRIVPORTS -j ACCEPT
------------------------------------------------------------
I HOPE THIS CLARIFIES!
>===== Original Message From linux-help@xxxxxxxxx =====
>hi! can somebody tell me more on this: when you develop a packet filter,
>this is almost always to be run on a router/gateway. now, which interface
>of the router is it attached to? and how is it done(in linux, specific)?
>
>what i mean is, packets attached to which interface (2 ideally of the
>routers) are given to the packet filter? in a case, i have read of 2
>filters placed, on either side of an app. gateway, one filtering incoming
>packets and the other one filtering outgoing packets. is this possible for
>one filter employed at a router(with 2 interfaces), the question is can
>the packet filter access packets coming from both interfaces and how does
>he make the decision of forwarding/not forwarding? sorry if this is
>another faq. thanks in advance.
>
>regards,
>Hareesh.
>
>
>
>
>
>-- This is the linux-help@xxxxxxxxx list. To unsubscribe,
>visit http://tmp2.complete.org/cgi-bin/listargate-aclug.cgi
----------------------------------
A DREAM IS A GOAL WITH A DEADLINE!
Weqaar Ali Janjua
BS.Computer Engineering
WSU
----------------------------------
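To make the decision logic concrete (the question above asks how a filter decides to forward or not), here is a small model of stateless, ipchains-style rule matching. It is an added example, not part of either message on this list: it encodes the two rules from the reply as data and applies them to constructed sample packets. It assumes a default policy of DENY for unmatched packets (the reply does not set one; with ipchains that would be `ipchains -P input DENY` and `ipchains -P output DENY`), and it models `-y` as "TCP SYN set, ACK clear". Packet and Rule, port_range, filter_packet and decide are names chosen for this example.

```python
"""Model of ipchains-style stateless packet filtering (added example)."""
from dataclasses import dataclass
from typing import List, Tuple


@dataclass(frozen=True)
class Packet:
    chain: str            # "input" (arriving) or "output" (leaving)
    iface: str            # interface the packet traverses, e.g. "eth0"
    proto: str            # "tcp", "udp" or "icmp"
    src: str
    sport: int
    dst: str
    dport: int
    syn_only: bool = False  # TCP SYN set and ACK clear (what ipchains -y matches)


@dataclass(frozen=True)
class Rule:
    chain: str
    iface: str
    proto: str
    src: str
    sports: Tuple[int, int]   # inclusive source port range
    dst: str
    dports: Tuple[int, int]   # inclusive destination port range
    target: str               # "ACCEPT" or "DENY"
    not_syn: bool = False     # ipchains "! -y": match only packets that are not SYN-only


def port_range(spec: str) -> Tuple[int, int]:
    """Parse an ipchains port spec such as "23" or "1024:65535"."""
    if ":" in spec:
        lo, hi = spec.split(":", 1)
        return int(lo), int(hi)
    port = int(spec)
    return port, port


def matches(rule: Rule, pkt: Packet) -> bool:
    """Every field of the rule must match; a rule never matches the other chain."""
    if (rule.chain, rule.iface, rule.proto) != (pkt.chain, pkt.iface, pkt.proto):
        return False
    if rule.src != pkt.src or rule.dst != pkt.dst:
        return False
    if not rule.sports[0] <= pkt.sport <= rule.sports[1]:
        return False
    if not rule.dports[0] <= pkt.dport <= rule.dports[1]:
        return False
    if rule.not_syn and pkt.syn_only:
        return False
    return True


def filter_packet(rules: List[Rule], pkt: Packet, policy: str = "DENY") -> str:
    """First matching rule wins; the chain's default policy decides otherwise."""
    for rule in rules:
        if matches(rule, pkt):
            return rule.target
    return policy


# Variables from the reply above
TRUSTED_HOST = "192.168.0.89"
EXTERNAL_INTERFACE = "eth0"
IPADDR = "192.168.0.1"
UNPRIVPORTS = port_range("1024:65535")
TELNET = port_range("23")

# The two ipchains rules from the reply, expressed as data
RULES = [
    Rule("input", EXTERNAL_INTERFACE, "tcp", TRUSTED_HOST, UNPRIVPORTS,
         IPADDR, TELNET, "ACCEPT"),
    Rule("output", EXTERNAL_INTERFACE, "tcp", IPADDR, TELNET,
         TRUSTED_HOST, UNPRIVPORTS, "ACCEPT", not_syn=True),
]


def decide(pkt: Packet) -> str:
    """Verdict for one packet under the rules above and a DENY default policy (assumed)."""
    return filter_packet(RULES, pkt, policy="DENY")


if __name__ == "__main__":
    # Constructed sample packets, not captured traffic
    samples = [
        ("trusted client to telnet", Packet("input", "eth0", "tcp", TRUSTED_HOST, 40000, IPADDR, 23)),
        ("untrusted client to telnet", Packet("input", "eth0", "tcp", "192.168.0.50", 40000, IPADDR, 23)),
        ("trusted client to ssh", Packet("input", "eth0", "tcp", TRUSTED_HOST, 40000, IPADDR, 22)),
        ("server reply", Packet("output", "eth0", "tcp", IPADDR, 23, TRUSTED_HOST, 40000)),
        ("server opening a connection", Packet("output", "eth0", "tcp", IPADDR, 23, TRUSTED_HOST, 40000, syn_only=True)),
        ("udp to port 23", Packet("input", "eth0", "udp", TRUSTED_HOST, 40000, IPADDR, 23)),
    ]
    for label, pkt in samples:
        print(f"{label:32s} {pkt.chain:6s} -> {decide(pkt)}")
```

The third and sixth samples show why the default policy matters: nothing in the two rules mentions port 22 or UDP, so the filter's answer for them is whatever the chain's policy says. Also note the deliberate asymmetry: because the output rule carries `! -y`, a packet from port 23 that would start a new connection is not covered, even though its addresses and ports are right.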