RE: Re: [fw-wiz] Wayyy too many spoofed packets

From: Chris de Vidal (
Date: 11/25/03

  • Next message: Wes Noonan: "[fw-wiz] Problem with TCP 1433, conduits and ACLs..."
    To: "Daniel Linder" <>
    Date: Tue, 25 Nov 2003 00:03:43 -0500 (EST)

    Daniel Linder said:
    > Can you setup the iptables rules on the other machines to log
    > broadcasts from your "suspect" server and see if they see it coming in
    > at the same time too? I would guess that your first server has Samba
    > running and sending SMB broadcasts to the network, and the iptables is
    > seeing the traffic. Does the iptables log keep the MAC address? Might
    > help you track it down.

    Good ideas. Nope, it does not show the MAC.

    I suspect I'll have to wait 'til after Thanksgiving to work on this.. I
    hoped to backend two PCs with a crossover and see what I see.

    firewall-wizards mailing list

  • Next message: Wes Noonan: "[fw-wiz] Problem with TCP 1433, conduits and ACLs..."

    Relevant Pages

    • Re: Q: iptables rule generation software?
      ... > i am given the task to generate iptables rules for a few dozen machines. ... Then you can also block fragmented packets, ...
    • Re: IpTables Question for Eth1
      ... "Re: IpTables Question for Eth1" to comp.os.linux.networking: ... using the mac module to do the actual matching against the desired MAC. ... >No. HTTP operates con 80/TCP only. ... >There's no need to specify individual ports or protocols since packets ...
    • Re: help on masquerading
      ... iptables -P FORWARD DROP ... Now wouldn't he be able to change the ip and still be connected because he still has the same hardware mac address and consume more bandwidth. ...
    • IPTABLES netfilter mac drops
      ... I have a gentoo system with 2.4.26 kenel and 1.2.9 iptables. ... I have the kernel compiled with MAC netfilter. ... I am having difficulty achieving the desired result with this chain. ... Am I wrong thinking if a machine behind my firewall (on my inward network) that has ...
    • Re: mount nfs - Operation not permitted
      ... >>> Did I mention that I turned iptables off? ... >>> Maybe Mac's use insecure ports for nfs connections? ... >>> making the Mac use a secure port for nfs. ... > Yes, it works with iptables started, but the only established connection I ...