Anyone can read this ipchains rule for me?



  1. #1
    Join Date
    Dec 2004
    Posts
    9

    Question Anyone can read this ipchains rule for me?

    I am learning the ipchains recently and I am new to this. I found it in one example of a book without clear explanation.

    -A input -s 220.3.20.130/255.255.255.255 -d ! 192.168.1.0/255.255.255.0 -i eth0 -j ACCEPT

    1. What does this rule exactly mean?
    2. I don't quite understand the difference between using /255.255.255.255 and /255.255.255.0?

    Thanks for your kind help.

  2. #2
    Join Date
    May 2003
    Location
    Philadelphia
    Posts
    103
    -A input -s 220.3.20.130/255.255.255.255 -d ! 192.168.1.0/255.255.255.0 -i eth0 -j ACCEPT

    -A input = Append to the Input Chain (ie: incoming packets)

    -s 220.3.20.130/255.255.255.255 = if the packet is coming from IP address 220.3.20.130

    -d ! 192.168.1.0/255.255.255.0 = and the destination is not anything in the 192.168.1 subnet (ie 192.168.1.0 - 192.168.1.255)

    -i eth0 = and if it's coming in from interface eth0

    -j ACCEPT = then accept the packet

  3. #3
    Join Date
    Aug 2003
    Location
    South Dakota and Iowa
    Posts
    242
    hmm... i haven't used ipchains for a while, but i'll give this a shot with what i remember.

    alright, so i think we're taking things on input, with a source of 220.3.20.130/255.255.255.255 and a destination that isn't 192.168.1.0/255.255.255.0 on the interface eth0 and we're going to accept all of those. okay... that was just putting it in plain english for myself, and not really explaining anything, obviously.

    well... the source is 220.3.20.130 with a subnet mask 255.255.255.255, so i'm pretty sure that means the internet address 220.3.20.130 exactly, not .131, not .129, you know what i'm saying.

    the destination is 192.168.0.1 with a subnet mask 255.255.255.0, i think that means the range of internet address 198.168.1.0 all the way through 198.168.1.255.

    so what we've got then, is if a packet is coming from that specific ip address and not going to the internal network, then we'll accept it. if there is a -j DROP rule at the end of all of this, then ipchains will probably drop all of the packets that come from that specific ip and try to go to the internal network. does that help? i hope so.

    [EDIT]wow... somebody else answered while i was typing that up...[/EDIT]

  4. #4
    Join Date
    Dec 2004
    Posts
    9

    thanks!

    Thank you bryan.6! Thank you palinux! Both of your explanations are very clear and helpful......

    This is my first question here. You are so kind!
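The rule discussed in this thread, evaluated against a few packets. This is an added example, not code from any poster or from the book the question mentions; it models only the options that appear in the rule (`-A`, `-s`, `-d`, `!`, `-i`, `-j`), and the function names and sample packets are constructed for illustration.

```python
import ipaddress
import shlex

# The rule exactly as quoted in the thread.
RULE = ("-A input -s 220.3.20.130/255.255.255.255 "
        "-d ! 192.168.1.0/255.255.255.0 -i eth0 -j ACCEPT")

def parse_rule(rule):
    """Parse the subset of ipchains syntax used by the thread's rule."""
    tokens = shlex.split(rule)
    parsed = {"chain": None, "src": None, "dst": None, "iface": None, "target": None}
    i = 0
    while i < len(tokens):
        opt = tokens[i]
        negate = tokens[i + 1] == "!"          # "!" inverts the match that follows
        value = tokens[i + 2] if negate else tokens[i + 1]
        i += 3 if negate else 2
        if opt == "-A":
            parsed["chain"] = value
        elif opt in ("-s", "-d"):
            # address/netmask: the mask says how many leading bits must match
            net = ipaddress.ip_network(value, strict=False)
            parsed["src" if opt == "-s" else "dst"] = (net, negate)
        elif opt == "-i":
            parsed["iface"] = value            # exact name only in this model
        elif opt == "-j":
            parsed["target"] = value
        else:
            raise ValueError("option not modelled here: " + opt)
    return parsed

def verdict(rule, src, dst, iface):
    """Return the rule's target if the packet matches, else None
    (the packet would fall through to the next rule or the chain policy)."""
    def addr_ok(spec, addr):
        if spec is None:
            return True
        net, negate = spec
        return (ipaddress.ip_address(addr) in net) != negate
    hit = (addr_ok(rule["src"], src) and addr_ok(rule["dst"], dst)
           and rule["iface"] in (None, iface))
    return rule["target"] if hit else None

if __name__ == "__main__":
    r = parse_rule(RULE)
    print("source covers", r["src"][0].num_addresses, "address(es);",
          "destination subnet covers", r["dst"][0].num_addresses)
    for pkt in [("220.3.20.130", "10.0.0.5", "eth0"),       # constructed packets
                ("220.3.20.130", "192.168.1.77", "eth0"),
                ("220.3.20.131", "10.0.0.5", "eth0")]:
        print(pkt, "->", verdict(r, *pkt))
```

A `None` result means only that this rule did not match; what happens to the packet then depends on the later rules and the chain's policy.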
