Recipe 2.3 Blocking All Network Traffic

2.3.1 Problem

You want to block all network traffic by firewall.

2.3.2 Solution

For iptables:

# iptables -F
# iptables -A INPUT -j REJECT
# iptables -A OUTPUT -j REJECT
# iptables -A FORWARD -j REJECT

For ipchains:

# ipchains -F
# ipchains -A input -j REJECT
# ipchains -A output -j REJECT
# ipchains -A forward -j REJECT

2.3.3 Discussion

You could also stop your network device altogether with ifconfig [Recipe 3.2] or even unplug your network cable. It all depends on what level of control you need.

The target REJECT sends an error packet in response to the incoming packet. You can tailor the error packet iptables sends using the option reject-with. Alternatively, you can specify the targets DROP (iptables) and DENY (ipchains), which simply absorb the packet and produce no response. See Drop Versus Reject.
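The following model, added here as an illustration and not code from the Linux Security Cookbook, simulates what the four iptables commands above do: it walks each chain top to bottom with first-match semantics, renders the equivalent iptables command lines, and shows the difference between REJECT (an error packet goes back, by default icmp-port-unreachable) and DROP (nothing goes back). It also demonstrates the consequence of sequential evaluation: once a catch-all REJECT sits in a chain, any rule appended after it is never reached. The Rule, Firewall and block_all names and the constructed sample packets are this example's own; it does not touch the host firewall.

```python
"""Model of first-match chain evaluation for the recipe's block-all rules.

Added illustration, not code from the Linux Security Cookbook. It simulates
how iptables walks a chain top to bottom and how REJECT differs from DROP
on the wire; it does not modify any real firewall.
"""
from dataclasses import dataclass, field
from typing import Optional

# iptables' default error reply for REJECT when no --reject-with is given.
DEFAULT_REJECT_WITH = "icmp-port-unreachable"


@dataclass
class Rule:
    target: str                        # ACCEPT, DROP or REJECT
    proto: Optional[str] = None        # None: any protocol (no -p match)
    dport: Optional[int] = None        # None: any destination port
    reject_with: Optional[str] = None  # only meaningful for REJECT

    def is_catch_all(self) -> bool:
        """A rule with no match criteria matches every packet."""
        return self.proto is None and self.dport is None

    def matches(self, pkt: dict) -> bool:
        if self.proto is not None and pkt.get("proto") != self.proto:
            return False
        if self.dport is not None and pkt.get("dport") != self.dport:
            return False
        return True

    def command(self, chain: str) -> str:
        """Render the rule as the iptables -A line that would install it
        (real iptables needs -p tcp or -p udp before --dport)."""
        parts = ["iptables", "-A", chain]
        if self.proto is not None:
            parts += ["-p", self.proto]
        if self.dport is not None:
            parts += ["--dport", str(self.dport)]
        parts += ["-j", self.target]
        if self.target == "REJECT" and self.reject_with is not None:
            parts += ["--reject-with", self.reject_with]
        return " ".join(parts)


@dataclass
class Firewall:
    """The three built-in chains of the filter table plus their policy."""
    chains: dict = field(default_factory=lambda: {
        "INPUT": [], "OUTPUT": [], "FORWARD": []})
    policy: str = "ACCEPT"             # what applies when no rule matches

    def flush(self) -> None:           # iptables -F with no chain: flush all
        for rules in self.chains.values():
            rules.clear()

    def append(self, chain: str, rule: Rule) -> str:   # iptables -A
        self.chains[chain].append(rule)
        return rule.command(chain)

    def evaluate(self, chain: str, pkt: dict):
        """Walk the chain in order; the first matching rule decides.
        Returns (verdict, reply): reply is the error packet sent back for
        REJECT and None when nothing is sent (DROP, ACCEPT, chain policy)."""
        for rule in self.chains[chain]:
            if rule.matches(pkt):
                if rule.target == "REJECT":
                    return "REJECT", rule.reject_with or DEFAULT_REJECT_WITH
                return rule.target, None
        return self.policy, None

    def unreachable(self, chain: str) -> list:
        """Indices of rules shadowed by an earlier catch-all rule: because
        rules are evaluated sequentially, these can never be consulted."""
        rules = self.chains[chain]
        for i, rule in enumerate(rules):
            if rule.is_catch_all():
                return list(range(i + 1, len(rules)))
        return []


def block_all(fw: Firewall) -> list:
    """Apply the recipe: flush, then REJECT on INPUT, OUTPUT and FORWARD.
    Returns the equivalent iptables command lines."""
    fw.flush()
    cmds = ["iptables -F"]
    for chain in ("INPUT", "OUTPUT", "FORWARD"):
        cmds.append(fw.append(chain, Rule("REJECT")))
    return cmds


if __name__ == "__main__":
    fw = Firewall()
    for line in block_all(fw):
        print(line)
    ssh = {"proto": "tcp", "dport": 22}   # constructed sample packet
    print("INPUT ssh ->", fw.evaluate("INPUT", ssh))
    # Appending an ACCEPT after the blanket REJECT changes nothing: the
    # REJECT rule matches first, so the new rule is dead.
    fw.append("INPUT", Rule("ACCEPT", proto="tcp", dport=22))
    print("INPUT ssh ->", fw.evaluate("INPUT", ssh))
    print("shadowed rules in INPUT:", fw.unreachable("INPUT"))
```

Running the script prints the four command lines from the recipe, then shows the same SSH packet rejected both before and after an ACCEPT rule is appended, with unreachable() reporting that rule as shadowed. The practical lesson is that exceptions to a block-all ruleset must be inserted ahead of the catch-all REJECT (iptables -I) rather than appended after it.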

2.3.4 See Also

iptables(8), ipchains(8).

Rules in a chain are evaluated in sequential order.



Linux Security Cookbook
ISBN: 0596003919
Year: 2006
Pages: 247
