Re: A replacement for rp_filter with iptables (config help needed)

hi,

I am not an expert in iptables - actually I am studying it -

One thing - what rules did you set for the new chains MYSQL & SPOOF?
Unless & until you set up rules for any NEW chains you create, it's not
going to work.



On 6/30/05, Simon <dev@xxxxxxxxxxxxxxx> wrote:
> Hi There,
> 
> We are running Debian sarge with two ethernet cards. To get eth1 (on a separate 
> subnet) working correctly, I've had to change 
> /proc/sys/net/ipv4/conf/eth1/rp_filter to 0. Now I need a simple 
> solution to protect against spoofing attacks on this interface. I have 
> an example setup, but I want to make sure I have it correct. Can 
> someone confirm for me?
> 
> Note, this was a small script to block the mysql port on the server, but 
> then enable it for certain times/IPs dynamically by adding/removing chains.
> 
> iptables -F
> iptables -A INPUT -i lo -j ACCEPT
> iptables -N MYSQL
> iptables -N SPOOF
> iptables -A INPUT -p tcp --dport 3306 -j MYSQL
> iptables -A SPOOF -i eth1 -j SPOOF
> iptables -A INPUT -p tcp --dport 3306 -j REJECT --reject-with tcp-reset
> 
> Is this correct - or have I got it ALL wrong?
> 
> Thanks
> 
> Simon
> 
> 


-- 
Happy! If not now never
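A populated version of the two chains from the thread, written here as an added example and not as Simon's or the respondent's own script. It assumes constructed values (eth1 serves 192.168.1.0/24, the MySQL client to allow is 192.168.1.50), and its static source-subnet check is only an approximation of rp_filter's reverse-path lookup, not an equivalent.

```shell
#!/bin/sh
# Added example (not from the thread): SPOOF and MYSQL chains that actually
# contain rules, with the jump into SPOOF placed in INPUT rather than in SPOOF.
# Assumptions (constructed): eth1 serves 192.168.1.0/24; MySQL client is 192.168.1.50.
IFACE=eth1
LAN=192.168.1.0/24
MYSQL_CLIENT=192.168.1.50

# With DRY_RUN=1 the rules are printed instead of applied, so the rule set
# can be reviewed without root; otherwise each call goes to iptables.
ipt() {
  if [ "${DRY_RUN:-0}" = 1 ]; then echo "iptables $*"; else iptables "$@"; fi
}

build_spoof_chain() {
  ipt -N SPOOF
  # Only eth1's own subnet may arrive on eth1; anything else is spoofed or misrouted.
  ipt -A SPOOF ! -s "$LAN" -j DROP
  # Loopback sources never legitimately arrive on a physical interface.
  ipt -A SPOOF -s 127.0.0.0/8 -j DROP
  # Anything left is genuine: hand it back to INPUT for normal processing.
  ipt -A SPOOF -j RETURN
}

build_mysql_chain() {
  ipt -N MYSQL
  # Allowed client for port 3306; ACCEPT lines can be added/removed dynamically.
  ipt -A MYSQL -s "$MYSQL_CLIENT" -j ACCEPT
  # Everyone else falls through to the REJECT rule in INPUT.
  ipt -A MYSQL -j RETURN
}

apply_rules() {
  ipt -F   # flush all rules...
  ipt -X   # ...and delete the now-empty user chains so a rerun does not fail on -N
  ipt -A INPUT -i lo -j ACCEPT
  build_spoof_chain
  build_mysql_chain
  # The jump into SPOOF belongs in INPUT; a rule in SPOOF jumping to SPOOF is a loop.
  ipt -A INPUT -i "$IFACE" -j SPOOF
  ipt -A INPUT -p tcp --dport 3306 -j MYSQL
  ipt -A INPUT -p tcp --dport 3306 -j REJECT --reject-with tcp-reset
}

# "DRY_RUN=1 sh antispoof.sh apply" prints the rules; "sh antispoof.sh apply" as root applies them.
case "${1-}" in apply) apply_rules ;; esac
```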


