From: Kostas K (acezerocool_at_yahoo.com)
Date: 13 Jul 2004 13:40:12 -0000
To: email@example.com
In-Reply-To: <40EC6DD5.firstname.lastname@example.org>

I am using the following rules:
-iptables -t nat -A PREROUTING -i ppp0 -s 192.168.0.0/16 -j DROP
-iptables -t nat -A POSTROUTING -o ppp0 -d 192.168.0.0/16 -j DROP
Do you think that these rules meet the requirements? In case they do not, I will apply yours.
I have also disabled RIP in my router since it's not the gateway to the Internet.
>My reading is that aa.aaa.aaa is probably attempting to send packets
>to address 192.168.1.100 OVER THE PPP LINK (i.e. out into the
>wider internet). [[ You should be egress filtering against such things ]]
>after a couple of hops, the packet hits a (border?) router that filters
>against such evils and it sends back the ICMP reject.
>-A FORWARD -o ppp0 -d 192.168.0.0/16 -j REJECT
>-A OUTPUT -o ppp0 -d 192.168.0.0/16 -j REJECT
>(similarly for other non-routable networks).
>That should get rid of your weird messages.
>(( The other possibility is that someone else is faking your
>source address, but that's rarely of any use with TCP unless they're
>in a position to capture any response en-route. ))
>Stephen Samuel +1(604)876-0426 email@example.com
> Powerful committed communication. Transformation touching
> the jewel within each person and bringing it to light.
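
Added example, not part of either poster's message: a dry-run generator for the filter-table egress rules suggested in the quoted reply, extended to the three RFC 1918 ranges as one reading of "other non-routable networks", plus a check that flags rules doing their filtering in the nat table. The nat table is consulted only for the first packet of a connection and current iptables releases refuse DROP there. The names `WAN_IF`, `PRIVATE_NETS`, `egress_rules` and `uses_nat_table` are hypothetical.

```shell
#!/bin/sh
# Added example: prints egress-filter rules, applies nothing.
# WAN_IF and PRIVATE_NETS are assumptions; adjust them to the local setup.

WAN_IF="${WAN_IF:-ppp0}"      # outbound interface named in the thread
# RFC 1918 private ranges: the thread's 192.168.0.0/16 plus the other two.
PRIVATE_NETS="10.0.0.0/8 172.16.0.0/12 192.168.0.0/16"

# Emit one iptables command per private range and chain.
# FORWARD covers routed traffic, OUTPUT covers traffic from the box itself;
# both live in the default filter table, so no -t option is needed.
egress_rules() {
    for net in $PRIVATE_NETS; do
        for chain in FORWARD OUTPUT; do
            echo "iptables -A $chain -o $WAN_IF -d $net -j REJECT"
        done
    done
}

# Return 0 when a rule line filters (DROP/REJECT) inside the nat table.
# Such rules only see the first packet of each connection, so they are
# not a reliable filter.
uses_nat_table() {
    case "$1" in
        *"-t nat"*"-j DROP"*|*"-t nat"*"-j REJECT"*) return 0 ;;
        *) return 1 ;;
    esac
}

# Review the generated commands, then pipe them to sh as root to apply.
egress_rules
```
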