iptables: what do the ScanD and LnD rules do?
Good afternoon!
I am setting up a server and have finally got around to iptables.
I looked at the configs on the old server, and there are rules like these. What do these rules mean?
Googling didn't turn up anything.
*filter
...
:LnD - [0:0]
:LnR - [0:0]
:ScanD - [0:0]
....
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j ScanD
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN FIN,SYN -j ScanD
-A INPUT -p tcp -m tcp --tcp-flags SYN,RST SYN,RST -j ScanD
-A INPUT -p tcp -m tcp --tcp-flags FIN,RST FIN,RST -j ScanD
-A INPUT -p tcp -m tcp --tcp-flags FIN,ACK FIN -j ScanD
-A INPUT -p tcp -m tcp --tcp-flags PSH,ACK PSH -j ScanD
-A INPUT -p tcp -m tcp --tcp-flags ACK,URG URG -j ScanD
...
-A FORWARD -j LnR
....
-A OUTPUT -s 10.0.0.0/255.0.0.0 -j LnD
-A OUTPUT -d 10.0.0.0/255.0.0.0 -j LnD
-A OUTPUT -s 172.16.0.0/255.240.0.0 -j LnD
-A OUTPUT -d 172.16.0.0/255.240.0.0 -j LnD
-A OUTPUT -s 192.168.0.0/255.255.0.0 -j LnD
-A OUTPUT -d 192.168.0.0/255.255.0.0 -j LnD
-A OUTPUT -s 224.0.0.0/240.0.0.0 -j LnR
-A OUTPUT -d 240.0.0.0/248.0.0.0 -j LnR
-A OUTPUT -p tcp -j LnR
-A OUTPUT -p udp -j LnR
-A OUTPUT -p icmp -j LnR
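To make the ScanD rules concrete, here is an added example (not from the original post or the asker's config) that models the `--tcp-flags MASK COMP` test iptables performs and runs the post's seven `-j ScanD` rules over a few constructed flag combinations. The one-line descriptions of each combination are my own; what the ScanD, LnD and LnR chains do after the jump is not shown in the post, so only the decision to jump is modelled.

```python
# Added example: a model of iptables' `--tcp-flags MASK COMP` test, applied
# to the seven ScanD rules from the post. The chain bodies (ScanD/LnD/LnR)
# are not in the post, so only the jump-to-ScanD decision is modelled.
TCP_FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04,
             "PSH": 0x08, "ACK": 0x10, "URG": 0x20}

def flagset(spec):
    """Parse an iptables flag list ('FIN,SYN', 'NONE', 'ALL') into a bitmask."""
    if spec == "NONE":
        return 0
    if spec == "ALL":
        return sum(TCP_FLAGS.values())
    return sum(TCP_FLAGS[name] for name in spec.split(","))

def tcp_flags_match(mask, comp, packet_flags):
    """iptables semantics: inspect only the bits named in MASK and match when
    exactly the bits named in COMP are set among them; other bits are ignored."""
    return packet_flags & flagset(mask) == flagset(comp)

# (MASK, COMP, description) for each `-j ScanD` rule from the post, in order.
# The descriptions are mine, not the post's.
SCAND_RULES = [
    ("FIN,SYN,RST,PSH,ACK,URG", "NONE", "no flags set at all"),
    ("FIN,SYN", "FIN,SYN", "SYN and FIN together"),
    ("SYN,RST", "SYN,RST", "SYN and RST together"),
    ("FIN,RST", "FIN,RST", "FIN and RST together"),
    ("FIN,ACK", "FIN", "FIN without ACK"),
    ("PSH,ACK", "PSH", "PSH without ACK"),
    ("ACK,URG", "URG", "URG without ACK"),
]

def classify(packet_flags):
    """Return the description of the first ScanD rule a packet with these
    flags hits (INPUT is walked top to bottom), or None if it falls through
    to the rest of INPUT as ordinary traffic."""
    for mask, comp, meaning in SCAND_RULES:
        if tcp_flags_match(mask, comp, packet_flags):
            return meaning
    return None

if __name__ == "__main__":
    # Constructed sample flag sets: normal handshake/data traffic first,
    # then combinations that never occur in a legitimate TCP session.
    for sample in ("SYN", "SYN,ACK", "ACK", "PSH,ACK", "FIN,ACK",
                   "NONE", "FIN,SYN", "FIN", "FIN,PSH,URG"):
        print(f"{sample:12} -> {classify(flagset(sample)) or 'passes through'}")
```

Note that the rules only look at the flag bits named in MASK, so a segment such as `FIN,PSH,URG` is caught by the `FIN,ACK FIN` rule even though no rule lists that exact combination.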
If you do not know which script adds the rules to iptables (everything in it is in a readable form), then most likely you can find it by looking at the /etc/init.d/iptables code.