On Wed, 2003-11-05 at 14:51, Antony Stone wrote: > On Wednesday 05 November 2003 7:31 pm, Leandro Takashi Hirano wrote: > > > Now I would like to know about the IP Spoofing rule, how does it works? > > > > - iptables -A INPUT -s 192.168.1.0/24 -i ! eth0 -j DROP > > Any packet with a source address in the Class C range 192.168.1.x which does > not come from eth0 will be DROPped. Funny I was similarly confused. What happens to packets from the LAN given that they don't originate from eth0? > > > I don´t know how can it block ip spoofing attack... > > These rules assume that eth0 is your internal network, and your internal > network range is 192.168.1.0/24. > > No packets with your own source address should come from outside (rule 1) and > all packets from inside should have your own source address (rule 2). > > Therefore these two rules stop people on the outside pretending that they > live on your network, and people on the inside pretending that they don't. > > Antony.
Attachment:
signature.asc
Description: This is a digitally signed message part
