[nos-bbs] iptables help...
jerome schatten
romers at shaw.ca
Tue Jun 16 18:48:14 EDT 2015
Hi...
I'm trying to write some firewall rules to keep the bad guys out of my
jnos system running on a Raspberry Pi. So far, I've been reasonably
successful -- nice improvements, but I've hit a brick wall.
I'm stuck trying to write a rule that does the following:
In the FORWARD chain, take an IPIP (protocol 4) packet that is found on
the jnos side of the tun0 interface and examine the encapsulated source
address. If it is not a 44.0.0.0/8 address, drop it; if it is, send it on.
There are ipip packets that appear on the jnos side of tun0 that are
encapping a commercial ip address with another commercial ip address and
then targeting my 44 address -- this is what I'm trying to get rid of at
the moment.
Maybe this is not possible with iptables?
Ideas?
Thanks
jerome - ve7ass
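
The check described in the post, written out as an added example (not part of the original message and not jnos or iptables code): it finds the inner header from the outer header's length field and tests the encapsulated source against 44.0.0.0/8. All addresses and packets below are constructed, and the function names are hypothetical.

```python
import ipaddress
import struct

AMPR_NET = ipaddress.ip_network("44.0.0.0/8")
IPPROTO_IPIP = 4  # IP-in-IP, the "protocol 4" in the post


def ipv4_header(src, dst, proto, payload_len, ihl=5):
    """Constructed test data: minimal IPv4 header, checksum left at 0."""
    fixed = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl, 0,
                        ihl * 4 + payload_len, 0, 0, 64, proto, 0,
                        ipaddress.ip_address(src).packed,
                        ipaddress.ip_address(dst).packed)
    return fixed + b"\x00" * ((ihl - 5) * 4)  # zero bytes stand in for options


def ipip(outer_src, outer_dst, inner_src, inner_dst, outer_ihl=5):
    """Constructed IPIP packet: outer header wrapping a bare inner header."""
    inner = ipv4_header(inner_src, inner_dst, 17, 0)
    outer = ipv4_header(outer_src, outer_dst, IPPROTO_IPIP, len(inner), outer_ihl)
    return outer + inner


def verdict(packet: bytes) -> str:
    """ACCEPT/DROP for IPIP by inner source; PASS if the packet is not IPIP."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "DROP"                      # no parsable IPv4 header
    if packet[9] != IPPROTO_IPIP:
        return "PASS"                      # left to the other rules
    # The outer header is IHL*4 bytes, not always 20, so the inner header
    # must be located from the IHL nibble rather than at a fixed offset.
    outer_len = (packet[0] & 0x0F) * 4
    inner = packet[outer_len:]
    if outer_len < 20 or len(inner) < 20 or inner[0] >> 4 != 4:
        return "DROP"                      # truncated or malformed encapsulation
    inner_src = ipaddress.ip_address(inner[12:16])
    return "ACCEPT" if inner_src in AMPR_NET else "DROP"

# The same offsets as an iptables u32 expression (not run here):
#   -p 4 -m u32 ! --u32 "0>>22&0x3C@12>>24=44" -j DROP

if __name__ == "__main__":
    for src in ("203.0.113.5", "44.135.1.2"):
        pkt = ipip("198.51.100.7", "192.0.2.10", src, "44.0.0.1")
        print(src, verdict(pkt))
```

The u32 test reads one byte of the inner source, which is enough for a /8; it does not cover the malformed-packet cases the function handles.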