[nos-bbs] iptables help...
Boudewijn (Bob) Tenty
bobtenty at gmail.com
Tue Jun 16 19:29:50 EDT 2015
That is new.
Did you analyze where its source carrying address is coming from? (so
not the commercial address what is inside)
I wonder of one of our regular amprnet gateways is not functioning
without proper settings.
73,
Bob VE3TOK
On 15-06-16 06:48 PM, jerome schatten wrote:
> Hi...
>
> I'm trying to write some firewall rules to keep the bad guys out of my
> jnos system running on a Raspberry Pi. So far, I've been reasonably
> successful -- nice improvements, but I've hit a brick wall.
>
> I'm stuck trying to write a rule that does the following:
>
> In the FORWARD chain, take an IPIP ( protocol 4) packet that is found
> on the jnos side of tun0 interface and examine the encapsulated source
> address. If it is not a 44.0.0.0/8 address, drop it; if it is, send
> it on.
>
> There are ipip packets that appear on the jnos side of tun0 that are
> encapping a commercial ip address with another commercial ip address
> and then targeting my 44 address -- this is what I'm trying to get rid
> of at the moment.
>
> Maybe this is not possible with iptables?
>
> Ideas?
>
> Thanks
> jerome - ve7ass
>
More information about the nos-bbs
mailing list