Hi All,
today/tonight, I've been looking at iptables more deeply. I use
firestarter, and correct me if I'm wrong, it is a gui for iptables,
yes..? Below are the rules for input shown from iptables -L -v,
[root@localhost ~]# iptables -L -v
Chain INPUT (policy DROP 1 packets, 2772 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- any any warpstar-62a102 anywhere tcp
flags:!SYN,RST,ACK/SYN
24 3341 ACCEPT udp -- any any warpstar-62a102 anywhere
1212 1331K ACCEPT all -- lo any anywhere anywhere
0 0 ACCEPT icmp -- any any anywhere anywhere limit: avg 10/sec burst 5
0 0 DROP all -- eth0 any anywhere 255.255.255.255
0 0 DROP all -- any any anywhere 192.168.0.255
0 0 DROP all -- any any BASE-ADDRESS.MCAST.NET/8 anywhere
0 0 DROP all -- any any anywhere BASE-ADDRESS.MCAST.NET/8
0 0 DROP all -- any any 255.255.255.255 anywhere
0 0 DROP all -- any any anywhere 0.0.0.0
0 0 DROP all -- any any anywhere anywhere state INVALID
0 0 LSI all -f any any anywhere anywhere limit: avg 10/min burst 5
188 180K INBOUND all -- eth0 any anywhere anywhere
0 0 LOG_FILTER all -- any any anywhere anywhere
0 0 LOG all -- any any anywhere anywhere LOG level info prefix `Unknown
Input'
I'm rather curious about the 1st 2,
0 0 ACCEPT tcp -- any any warpstar-62a102 anywhere tcp
flags:!SYN,RST,ACK/SYN
24 3341 ACCEPT udp -- any any warpstar-62a102 anywhere
as that is the hostname of my sharemate's adsl router. Is that due to
DHCP.? Also see similar in outbound,
0 0 ACCEPT tcp -- any any warpstar-62a102 anywhere tcp dpts:bootps:bootpc
0 0 ACCEPT udp -- any any warpstar-62a102 anywhere udp dpts:bootps:bootpc
It's gotta be DHCP, yes..? Cheers.
Mark Sargent.
