same netmask, Can not block my Ip properly

same netmask, Can not block my Ip properly

Post by datavau.. » Thu, 05 Jan 2006 11:48:59



my eth0 is  196.40.74.126  netmask  255.255.255.240   , gateway is
196.40.74.113  ,   eth1 196.40.74.125  netmask  255.255.255.240.

it is not a normal  network. but my ISP told me have to work this way.
normally  the outbound interface has a dfferent  netmast than the
inbound interface.

 seems that the access fine from outside.

I used  this script  to block my 196.40.74.116( netmask is
255.255.255.240, gateway is 196.40.74.125) , but not successfully , can
any one tell me why?

any help is appreicated.

# Generated by iptables-save v1.2.11 on Tue Jan  3 08:39:30 2006
*filter
:INPUT ACCEPT [16:792]
:FORWARD DROP [101:5872]
:OUTPUT ACCEPT [34:2692]
:RH-Firewall-1-INPUT - [0:0]
:insideOnly - [0:0]
-A INPUT -d 196.40.74.126 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j DROP
-A FORWARD -d 196.40.74.116 -i eth0 -o eth1 -p tcp -m tcp --dport 80 -j
DROP
-A FORWARD -i eth0 -o eth1 -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A insideOnly -i eth0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A insideOnly -i ! eth0 -m state --state NEW -j ACCEPT
COMMIT
# Completed on Tue Jan  3 08:39:30 2006
# Generated by iptables-save v1.2.11 on Tue Jan  3 08:39:30 2006
*nat
:PREROUTING ACCEPT [30:5452]
:POSTROUTING ACCEPT [12:4200]
:OUTPUT ACCEPT [0:0]
COMMIT
# Completed on Tue Jan  3 08:39:30 2006

 
 
 

1. Netmask not set properly in Solaris 8?

In one of my Solaris 8 machine.

/etc/netmasks is
9.1.1.0 255.255.255.0

but when I run ifconfig, it turn out that the netmask is 255.0.0.0
(ff000000).
inet 9.1.1.10 netmask ff000000 broadcast 9.255.255.255

It's very strange. I have reboot the machine several time. The problem
is still there. Is this a bug in Solaris to handle netmask. Please
help!

2. HELP!! passwd inside batch script

3. It's not bad canned meat...

4. Linux support

5. Why ip-fw reject for IP's outside node's netmask?

6. Tape Libraries and Free Backup Software

7. IP, netmask, and gateway Ip addresses

8. e1000 as module gives unresolved symbol _mmx_memcpy

9. It's not bad canned meat...

10. Very strange, multiple IP addresses on the same Ethernet card do not route properly

11. Why doesn't /etc/netmasks correctly set my netmasks?

12. IPtables rules to block by symbolic host name, not IP ?

13. eth0 not found/Intel Gigabyte not working properly on RH7.3