raw packets and iptables

raw packets and iptables

Post by /dev/nul » Mon, 29 Sep 2003 06:38:24

Is it possible to build and transmit raw packets that iptables would
otherwise drop on that box?

For example, if the default policy on OUTPUT is to drop, and there's no rule
to allow outbound on port 'X', is it possible to build and send a raw packet
from port 'X', and bypass iptables, or will iptables still drop it?



1. raw socket packet and iptables

Hi, All,

        I want  to know how a raw packet passes the chain of iptables.

        Here are the iptables chains

        Conntrack    |       Filter   ^    NAT (Src)
        Mangle       |                |    Conntrack
        NAT (Dst)    |             [ROUTE]
        (QDisc)      v                |
                     IN Filter       OUT Conntrack
                     |  Conntrack     ^  Mangle
                     |                |  NAT (Dst)
                     v                |  Filter

        So how a raw packet go through these chains?


Xinwen Fu

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in

More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

2. X Error (X_CreatePixmap)

3. Looking for iptables applications code (iptables.c) to run some rules to forward packets

4. gateway

5. Matrox Mystique ands X.

6. Suggestions on 43P in home network

7. Intercepting raw IP packet

8. Syquest 105 Mb 3.5" IDE, does it work?

9. Receiving raw packets in a Streams network module

10. sample code that sends raw Ethernet packets?

11. Raw packet creating links

12. BUG? Raw packets with new networking code?

13. HELP on Raw Packets