thr3ads.net - netfilter buglog - [Bug 966] New: iptables can't change or drop or any effect on scapy packet! [Jul 2014]

If this information is useful, please help other people find it:
Share via:

bugzilla-daemon at netfilter.org

2014-Jul-16 21:09 UTC

[Bug 966] New: iptables can't change or drop or any effect on scapy packet!

https://bugzilla.netfilter.org/show_bug.cgi?id=966

           Summary: iptables can't change or drop or any effect on scapy
                    packet!
           Product: iptables
           Version: 1.4.x
          Platform: All
        OS/Version: Ubuntu
            Status: NEW
          Severity: major
          Priority: P5
         Component: iptables
        AssignedTo: netfilter-buglog at lists.netfilter.org
        ReportedBy: persianjambon at yahoo.com
   Estimated Hours: 0.0


this is my commnad:

iptables  -I OUTPUT -p udp -m udp --dport 53 -j DROP


and i create and send scapy packet:

sr1(IP(dst="4.2.2.4")/UDP()/DNS(rd=1,qd=DNSQR(qname="iranled.com")))


but iptable not DROP this packet!!!

OR:

this rule:

iptables -t nat -A OUTPUT -p udp -m udp --dport 53 -j DNAT --to-destination
8.8.8.8

and all scapy pcket hoing to 4.2.2.4

tcpdump output:
04:43:00.442453 IP 192.168.1.2.53 > 4.2.2.4.53: UDP, length 29
04:43:00.855930 IP 4.2.2.4.53 > 192.168.1.2.53: UDP, length 45


AND:
http://unix.stackexchange.com/questions/144729/iptables-rule-no-actions-on-scapy-packets

-- 
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.

Seemingly Similar Threads

Search for more seemingly similar threads

netfilter buglog - Jul 2014 - [Bug 966] New: iptables can't change or drop or any effect on scapy packet!

[Bug 966] New: iptables can't change or drop or any effect on scapy packet!

Seemingly Similar Threads

Wisdom of the Ancients