Hello all, I am messing around with iptables, trying to learn how it works so that I can build my self a router/firewall and mabey a VPN. Anyway I tried to use a command on my Desktop CentOS3 machine. "iptables -A INPUT -s 127.0.0.1 -p icmp -j DROP" now the command seems to have went through because I didn't get any errors, but when I go to ping 127.0.0.1 I am getting a response and my packet loss is 0%. It should be 100% packet loss. Can anyone tell me what I am doing wrong. I am not trying to do anything yet, just want to learn by exploring. Thanks all. __________________________________ Do you Yahoo!? Yahoo! Mail - 50x more storage than other providers! http://promotions.yahoo.com/new_mail
On Thu, 12 Aug 2004, scty Library wrote:> I am messing around with iptables, trying to learn how > it works so that I can build my self a router/firewall > and mabey a VPN. Anyway I tried to use a command on my > Desktop CentOS3 machine. > > "iptables -A INPUT -s 127.0.0.1 -p icmp -j DROP" > > now the command seems to have went through because I > didn't get any errors, but when I go to ping 127.0.0.1 > I am getting a response and my packet loss is 0%. It > should be 100% packet loss. > > Can anyone tell me what I am doing wrong. I am not > trying to do anything yet, just want to learn by > exploring.Try: iptables -A INPUT -d 127.0.0.1 -p icmp -j DROP Since you're pinging 127.0.0.1, that's the destination (-d) address, not the source (-s) address. -- dag wieers, dag at wieers.com, http://dag.wieers.com/ -- [Any errors in spelling, tact or fact are transmission errors]
iptables -A INPUT -d 127.0.0.1 -p icmp -m icmp --icmp-type 8 -j DROP DP On Thu, 2004-08-12 at 11:37, scty Library wrote:> Hello all, > > I am messing around with iptables, trying to learn how > it works so that I can build my self a router/firewall > and mabey a VPN. Anyway I tried to use a command on my > Desktop CentOS3 machine. > > "iptables -A INPUT -s 127.0.0.1 -p icmp -j DROP" > > now the command seems to have went through because I > didn't get any errors, but when I go to ping 127.0.0.1 > I am getting a response and my packet loss is 0%. It > should be 100% packet loss. > > Can anyone tell me what I am doing wrong. I am not > trying to do anything yet, just want to learn by > exploring. > > Thanks all. > > > > __________________________________ > Do you Yahoo!? > Yahoo! Mail - 50x more storage than other providers! > http://promotions.yahoo.com/new_mail > _______________________________________________ > CentOS mailing list > CentOS at caosity.org > http://www.caosity.org/mailman/listinfo/centos-------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://lists.centos.org/pipermail/centos/attachments/20040812/6a1f5a79/attachment-0005.sig>
Hey scty Library, I forget your name. I do not have an answer for your question exactly. However, I think I have a solution to the overall problem, and it is here: http://www.lowth.com/LinWiz/1.09/ I use the wizards to create my iptables files. I have a couple of basic files that I use, and then I tweek the appropriate one after copying it to a new install. For people who want a solution fast, the two wizards are great. I hope this helps. Rick On Thu, 12 Aug 2004, scty Library wrote:> I am messing around with iptables, trying to learnhow> it works so that I can build my self arouter/firewall> and mabey a VPN. Anyway I tried to use a command onmy> Desktop CentOS3 machine. > > "iptables -A INPUT -s 127.0.0.1 -p icmp -j DROP" > > now the command seems to have went through because I > didn't get any errors, but when I go to ping127.0.0.1> I am getting a response and my packet loss is 0%. It > should be 100% packet loss. > > Can anyone tell me what I am doing wrong. I am not > trying to do anything yet, just want to learn by > exploring.