Drop of Broadcasts - openSUSE Security - openSUSE Mailing Lists

newer
SuSEFirewall2

Drop of Broadcasts

older
RE: [suse-security] hacked??

Dominik.Brosch＠epost.de

7 Feb 2002 7 Feb '02

13:12

Hi, Very simple question: How does a rule have to look, when I like to drop Broadcasts? I can't find any documentation about this. Thanks for your help. Greetings Dominik ________________________________________ Zeitschriftenabos online bestellen - jetzt neu im Infoboten! http://www.epost.de

Reply

Sign in to reply online Use email software

Show replies by date

Bjoern Engels

7 Feb 7 Feb

13:16

New subject: [suse-security] Drop of Broadcasts

On Thursday, 7. February 2002 14:12, Dominik.Brosch@epost.de wrote:

How does a rule have to look, when I like to drop Broadcasts? I can't find any documentation about this.

For global broadcasts, drop 255.255.255.255, for directed broadcasts it depends on your network address, if you have a 192.168.0.0/24 it would be 192.168.0.255, for examle. (The last "IP-Address" in your network is the broadcast address.) Bjoern

Reply

Sign in to reply online Use email software

Michael Appeldorn

13:36

New subject: [suse-security] Drop of Broadcasts

Hi,

Very simple question: How does a rule have to look, when I like to drop Broadcasts? I can't find any documentation about this.

If you will ask google.com : drop broadcast iptables the third answer is http://www.linuxguruz.org/iptables/scripts/rc.firewall_010.txt and there stands BROADCAST="x.x.x.255" (where the x.x.x is to fill up with your network or with 0) iptables -A INPUT -i $IFACE -d $BROADCAST -j DROP icmp broadcasts are named there 2 My 60 seconds Michael Appeldorn

Reply

Sign in to reply online Use email software

Harald Nikolisin

22 Feb 22 Feb

11:09

New subject: [suse-security] Drop of Broadcasts

Am Donnerstag, 7. Februar 2002 14:36 schrieben Sie:

...
Hi,

Very simple question: How does a rule have to look, when I like to drop Broadcasts? I can't find any documentation about this.

If you will ask google.com : drop broadcast iptables

the third answer is

http://www.linuxguruz.org/iptables/scripts/rc.firewall_010.txt

and there stands

BROADCAST="x.x.x.255" (where the x.x.x is to fill up with your network or with 0) iptables -A INPUT -i $IFACE -d $BROADCAST -j DROP

I think you should write iptables -A OUTPUT -o $IFACE -d $BROADCAST -j DROP

icmp broadcasts are named there 2

My 60 seconds

Michael Appeldorn

Reply

Sign in to reply online Use email software

Michael Appeldorn

13:35

New subject: [suse-security] Drop of Broadcasts

...
and there stands

BROADCAST="x.x.x.255" (where the x.x.x is to fill up with your network or with 0) iptables -A INPUT -i $IFACE -d $BROADCAST -j DROP

I think you should write

iptables -A OUTPUT -o $IFACE -d $BROADCAST -j DROP

Think it depends on the point of view. If you wont to answer to incoming broadcast my way seems right. if you wanto 2 prevent outgoing broadcasts from your network your suggestion should be ok. The truth is out there. Michael

Reply

Sign in to reply online Use email software

8121

Age (days ago)

8136

Last active (days ago)

Download

4 comments

4 participants

tags

participants (4)

Bjoern Engels
Dominik.Brosch＠epost.de
Harald Nikolisin
Michael Appeldorn