[nos-bbs] iptables help...

Boudewijn (Bob) Tenty bobtenty at gmail.com
Tue Jun 16 19:29:50 EDT 2015


That is new.
Did you analyze where its source carrying address is coming from? (so 
not the commercial address what is inside)
I wonder of one of our regular amprnet gateways is not functioning 
without proper settings.

73,

Bob VE3TOK

On 15-06-16 06:48 PM, jerome schatten wrote:
> Hi...
>
> I'm trying to write some firewall rules to keep the bad guys out of my 
> jnos  system running on a Raspberry Pi.  So far, I've been reasonably 
> successful -- nice improvements, but I've hit a brick wall.
>
> I'm stuck trying to write a rule that does the following:
>
> In the FORWARD chain, take an IPIP ( protocol 4) packet that is found 
> on the jnos side of tun0 interface and examine the encapsulated source 
> address.  If it is not a 44.0.0.0/8 address, drop it; if it is, send 
> it on.
>
> There are ipip packets that appear on the jnos side of tun0 that are 
> encapping a commercial ip address with another commercial ip address 
> and then targeting my 44 address -- this is what I'm trying to get rid 
> of at the moment.
>
> Maybe this is not possible with iptables?
>
> Ideas?
>
> Thanks
> jerome - ve7ass
>




More information about the nos-bbs mailing list