From: Mark Frey <markfrey@sympatico.ca>
To: Sudheimer <sudix@f3g.de>
Cc: linux-diald@vger.kernel.org
Subject: Re: How to ignore incoming packets
Date: Thu, 28 Aug 2003 07:25:53 -0400
Message-ID: <3F4DE6C1.7050304@sympatico.ca>
In-Reply-To: <3F4DBAF8.BBF8B7FA@f3g.de>

Hi Joachim,

Thank you for pointing out the reset command!

Diald passes your ip address to the ip-up script, if defined.  You could 
make a template rule file with a unique pattern everywhere you want your 
own ip address to be, with lines something like this:

ignore tcp ip.daddr=192.168.255.255,tcp.dest=tcp.telnet

Then in the ip-up script ($3 contains the new local IP address):

sed "s/192\.168\.255\.255/$3/g" template_file >diald_rule_file
echo reset >/var/run/diald.fifo

I'll see if I can find time to try this out here.

Mark.



Sudheimer wrote:
> Hi,
> 
> thanks for your hint, Mark.
> 
> 
>>As far as I know, you can only do this if you have a static IP address.
>>  Then you can filter based on your fixed ip.daddr :
>>
>>ignore tcp ip.daddr=<your fixed ip>,tcp.dest=tcp.telnet
>>
>>I'd also like to know of any way to accomplish this with a dynamic address!
>>
> 
> It seems to be possible to re-read the config-files with a command to
> the FIFO:
> 
>    echo reset > /var/run/diald.fifo
> 
> I can do this while watching with dctrl and it seems to work fine (i.e.
> without changing connection status etc.)
> 
> I have not yet tested this with a rules file with changing own IPs,
> though. I am new to diald and it will probably take me quite some time
> to find out how to do this (and I am a bit short of time at the moment
> :-( )
> 
> According to man diald
>    var ip.saddr 12
> defines the IP source address of a packet. Maybe one could use something
> like this on a packet sent by the own system once after getting the new
> own IP. (Can't imagine how, though.) 
> 
> If not, one might have to find out the own address with ifconfig ...
> |grep ... after each reconnection and use the result in the rules file.
> 
> Maybe somebody more familiar with diald can help or would like to do some
> research/testing on this and report to the list...
> 
> 
> 
> Joachim
> 
> 
> -------------------------------------------------------------------------
> 
>>Sudheimer wrote:
>>
>>>Hi everyone,
>>>
>>>I would like diald to ignore any incoming connection attempts.
>>>
>>>For example if I get incoming packages to my tcp port 23 (telnet), they
>>>fit the default rule of diald and keep up the line for 2 minutes (keepup
>>>tcp 120 any). I do not have telnetd running on this port and have also
>>>an ipchains packet denying these packets.
>>>
>>>Nevertheless these packages match the final catch-all rule of diald and
>>>keep up the line for 2 minutes (keepup tcp 120 any).
>>>
>>>On the other hand, I do not want to define a rule like "ignore telnet
>>>packets" because this would also match my own telnet-sessions to remote
>>>telnet servers.
>>>
>>>If it were possible for diald to distinguish between incoming and
>>>outgoing packets one could say something like "ignore incoming tcp SYN
>>>packets". Is there something like that?
>>>
>>>
>>>Joachim
> 
> 
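
The template-and-reset procedure from Mark's message, written out as an ip-up hook (an added example, not code from the thread). The template and rule file paths are assumptions; the placeholder address, $3 and /var/run/diald.fifo are as given above. It checks that $3 is a dotted quad before it reaches sed, and renames the rendered file into place.

```shell
#!/bin/sh
# Added example: ip-up hook for diald. File paths are assumptions; the
# placeholder address and FIFO path are the ones used in the thread.
PLACEHOLDER='192.168.255.255'
TEMPLATE=${TEMPLATE:-/etc/diald/rules.template}   # hypothetical path
RULES=${RULES:-/etc/diald/rules.local}            # hypothetical path
FIFO=${FIFO:-/var/run/diald.fifo}

# Succeed only for a dotted quad with four octets in 0..255.
valid_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Render TEMPLATE into RULES with the placeholder replaced by the address.
# The output goes to a temp file and is renamed, so diald never reads a
# half-written rule file.
render_rules() {
    ip=$1
    valid_ipv4 "$ip" || { echo "ip-up: bad address '$ip'" >&2; return 1; }
    pattern=$(printf '%s' "$PLACEHOLDER" | sed 's/\./\\./g')
    tmp="$RULES.$$"
    sed "s/$pattern/$ip/g" "$TEMPLATE" >"$tmp" || { rm -f "$tmp"; return 1; }
    mv "$tmp" "$RULES"
}

# Ask a running diald to re-read its configuration, as done in the thread.
reload_diald() {
    [ -p "$FIFO" ] || { echo "ip-up: $FIFO is not a FIFO" >&2; return 1; }
    echo reset >"$FIFO"
}

# diald passes the new local address as $3 (per the thread).
if [ -n "${3:-}" ]; then
    render_rules "$3" && reload_diald
fi
```

If the address check fails, the previous rule file is left untouched and no reset is sent.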


