LinuxQuestions.org
Old 10-13-2004, 04:02 PM   #1
GUIPenguin
Member
 
Registered: Aug 2004
Location: Maine
Distribution: Gentoo Linux
Posts: 239

Rep: Reputation: 30
Question Drop pings from specific IP address -- another question at Bottom


I need to drop pings from a specific IP address because some of my friends use our school LTSP server via VNC as a proxy when scanning me.


I would usually use
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all

which works great if I wanted to drop all ICMP ping requests from everyone,
but I need just to drop pings from my school. Thanks!

I need a rule I can use with iptables.
I'm running IPCop 1.3.0.

Last edited by GUIPenguin; 10-13-2004 at 09:15 PM.
 
Old 10-13-2004, 04:42 PM   #2
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 422
I believe something like this might work:

iptables -A INPUT -i eth0 -p ICMP -s 1.2.3.4 -j DROP

Just replace 1.2.3.4 with your school's IP and eth0 with the interface you want to watch
 
Old 10-13-2004, 05:10 PM   #3
GUIPenguin
Member
 
Registered: Aug 2004
Location: Maine
Distribution: Gentoo Linux
Posts: 239

Original Poster
Rep: Reputation: 30
Question Any more suggestions??

I added that rule, then connected to our LTSP server and could still ping my IP.

Any more suggestions?? Thanks!

Last edited by GUIPenguin; 10-13-2004 at 05:14 PM.
 
Old 10-13-2004, 05:49 PM   #4
Demonbane
LQ Guru
 
Registered: Aug 2003
Location: Sydney, Australia
Distribution: Gentoo
Posts: 1,796

Rep: Reputation: 47
Make sure there aren't any rules before that one which allow the ping to go through.
 
Old 10-13-2004, 06:26 PM   #5
GUIPenguin
Member
 
Registered: Aug 2004
Location: Maine
Distribution: Gentoo Linux
Posts: 239

Original Poster
Rep: Reputation: 30
When I do iptables -L it's a little confusing about the groups they're in and the orders. I don't really know that much about it to switch orders or delete something.
 
Old 10-13-2004, 06:46 PM   #6
Demonbane
LQ Guru
 
Registered: Aug 2003
Location: Sydney, Australia
Distribution: Gentoo
Posts: 1,796

Rep: Reputation: 47
OK, in that case try using -I instead of -A, so the rule gets inserted at the top of the chain instead of appended to the bottom. In fact, while you're at it you might want to block ping specifically instead of all ICMP, and maybe do some logging.
Code:
# Each -I inserts at position 1, so insert DROP first and LOG second:
# LOG then sits above DROP and sees the packet before it is dropped.
iptables -I INPUT -p icmp --icmp-type echo-request -s 1.2.3.4 -j DROP

iptables -I INPUT -m limit -p icmp --icmp-type echo-request -s 1.2.3.4 -j LOG --log-prefix="evil ping..."

Last edited by Demonbane; 10-13-2004 at 06:52 PM.
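
The rule-order problem discussed in posts #2 to #6, as an added example that is not part of the original thread: a small checker that walks an INPUT chain in first-match-wins order and reports which rule decides an ICMP echo-request from a given source. The rule listings are constructed samples in `iptables-save` rule syntax, and the matcher is a simplification that only looks at `-s`, `-p`, `--icmp-type` and `-j`.

```shell
#!/bin/sh
# Added example: which INPUT rule decides an ICMP echo-request from SRC?
# Simplified matcher (assumption): only -s (single host or absent), -p,
# --icmp-type and -j are examined; LOG is treated as non-terminating.

# verdict RULES SRC -> prints "<rule-number> <target>" or "policy <target>"
verdict() {
    printf '%s\n' "$1" | awk -v src="$2" '
        $1 == "-P" && $2 == "INPUT" { policy = $3; next }
        $1 != "-A" || $2 != "INPUT" { next }
        {
            n++; s = ""; p = ""; t = ""; j = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-s") s = $(i + 1)
                if ($i == "-p") p = $(i + 1)
                if ($i == "--icmp-type") t = $(i + 1)
                if ($i == "-j") j = $(i + 1)
            }
            sub(/\/32$/, "", s)
            if (s != "" && s != src) next
            if (p != "" && p != "icmp" && p != "all") next
            if (t != "" && t != "8" && t != "echo-request") next
            if (j == "LOG" || j == "") next      # logs, then falls through
            print n, j; found = 1; exit
        }
        END { if (!found) print "policy", policy }'
}

# Constructed sample: DROP was appended (-A) below an existing ICMP ACCEPT.
APPENDED='-P INPUT DROP
-A INPUT -p icmp -j ACCEPT
-A INPUT -s 1.2.3.4/32 -p icmp -j DROP'

# Constructed sample: LOG and DROP sit at the top of the chain (-I).
INSERTED='-P INPUT DROP
-A INPUT -s 1.2.3.4/32 -p icmp -m icmp --icmp-type 8 -m limit --limit 3/hour -j LOG --log-prefix "evil ping..."
-A INPUT -s 1.2.3.4/32 -p icmp -m icmp --icmp-type 8 -j DROP
-A INPUT -p icmp -j ACCEPT'

echo "appended: $(verdict "$APPENDED" 1.2.3.4)"   # earlier ACCEPT shadows the DROP
echo "inserted: $(verdict "$INSERTED" 1.2.3.4)"   # DROP now decides
```

On a live system the same check can be fed the INPUT lines from `iptables-save` instead of the constructed samples.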
 
Old 10-13-2004, 06:52 PM   #7
GUIPenguin
Member
 
Registered: Aug 2004
Location: Maine
Distribution: Gentoo Linux
Posts: 239

Original Poster
Rep: Reputation: 30
Thanks

Last edited by GUIPenguin; 10-13-2004 at 09:08 PM.
 
Old 10-13-2004, 09:13 PM   #8
GUIPenguin
Member
 
Registered: Aug 2004
Location: Maine
Distribution: Gentoo Linux
Posts: 239

Original Poster
Rep: Reputation: 30
Very sorry about the double post here!


OK, now it comes to saving my rules. I read that the rules are set to memory and after a reboot they are flushed, and that's what happened.

I googled for saving iptables rules and found This


But it says no such service. This is for Red Hat but thought it may be close enough.

If anyone knows how to save iptables rules for IPCop 1.3.0 I would love your help!
 
Old 10-13-2004, 09:30 PM   #9
Demonbane
LQ Guru
 
Registered: Aug 2003
Location: Sydney, Australia
Distribution: Gentoo
Posts: 1,796

Rep: Reputation: 47
try putting the commands in /etc/rc.d/rc.local
 
Old 10-13-2004, 09:44 PM   #10
GUIPenguin
Member
 
Registered: Aug 2004
Location: Maine
Distribution: Gentoo Linux
Posts: 239

Original Poster
Rep: Reputation: 30
Unhappy Nope.......

No rc.local in that dir.

rc.firewall? Yet I don't see anywhere to put it in there either.
 
Old 10-13-2004, 10:18 PM   #11
Demonbane
LQ Guru
 
Registered: Aug 2003
Location: Sydney, Australia
Distribution: Gentoo
Posts: 1,796

Rep: Reputation: 47
put it in rc.firewall then, right after

/sbin/iptables -P OUTPUT ACCEPT
 
  

