mark bag packets - iptables

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: "Mail List - Linux Advanced Routing and Traffic Control" <lartc@xxxxxxxxxxxxxxx>
Subject: mark bag packets - iptables
From: "Indunil Jayasooriya" <indunil75@xxxxxxxxx>
Date: Fri, 7 Dec 2007 17:11:38 +0530

Hi All,

I want to create chains to mark bag packets.

my firewall has 3 network cards.

eth0 - connected to internet.
eth1 - connected to DMZ
eth2 - connected to LAN

eth0 only accepts SSH (tcp -port 22) and ICMP for pinging.. If it gets anything other than that, I want to create a new chain and log and DROP .

what are the suitable rules for it?

what about the below rule?

iptables -A INPUT -i eth0 -j bad_packets

I think I need some more rules as well. Could you pls help me to go ahead.

Similary, I need for FORWARD AND OUTPUT.

But, If I write for INPUT , I will be able to write for FORAWAD AND OUTPUT chains.

ANY IDEA?

--
Thank you
Indunil Jayasooriya

_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

Prev by Date: Re: HTB performance improvement
Next by Date: Re: HTB performance improvement
Previous by thread: how RED should work ?
Next by thread: Need HELP
Index(es):
- Date
- Thread

[Bugtraq] [Fedora Legacy] [GCC Help] [Yosemite News] [Yosemite Photos] [IP Tables] [Netfilter Devel] [Fedora Users]