iptables --tcp-flags
Question 1: are the following rules equal?
iptables -t raw -A PREROUTING -p tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
iptables -t raw -A PREROUTING -p tcp --tcp-flags ALL NONE -j DROP
Question 2: are the following rules equal?
iptables -t raw -A PREROUTING -p tcp --tcp-flags FIN,SYN FIN,SYN -j DROP
iptables -t raw -A PREROUTING -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
I'm new to iptables and I'm a bit confused because some tutorials suggest using those four rules.
iptables
edited Mar 4 '17 at 16:17
Jeff Schaller
33.6k851113
asked Mar 4 '17 at 16:02
Croco
184
1 Answer
accepted
Yes, they are for both the questions.
ALL is the same as FIN,SYN,RST,PSH,ACK,URG.
Check out the man iptables-extensions command on --tcp-flags, which is used when the TCP protocol is used: -p tcp.
[!] --tcp-flags mask comp
Match when the TCP flags are as specified. The first argument mask is the flags which we should examine, written as a comma-separated list, and the second argument comp is a comma-separated list of flags which must be set. Flags are: SYN ACK FIN RST URG PSH ALL NONE. Hence the command
iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST SYN
will only match packets with the SYN flag set, and the ACK, FIN and RST flags unset.
edited Oct 3 at 13:19
answered Oct 1 at 12:22
prosti
215114
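The mask/comp semantics quoted in the answer above can be modelled as a bitwise test, which makes both equivalences checkable by brute force over every flags byte. This is an added example, not part of the original question or answer; the function names are hypothetical, and the model assumes the match reduces to `(flags & mask) == comp` over the standard TCP header flag bits.

```python
# Added example: --tcp-flags modelled as (flags & mask) == comp.
# Function names are hypothetical; bit values are the TCP header flag bits.
FLAG_BITS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04,
             "PSH": 0x08, "ACK": 0x10, "URG": 0x20}
NAMES = list(FLAG_BITS)                      # the six real flags, in bit order
FLAG_BITS["ALL"] = sum(FLAG_BITS.values())   # 0x3F, i.e. all six flags
FLAG_BITS["NONE"] = 0x00


def parse_flags(spec):
    """Turn a comma-separated list such as 'FIN,SYN' into a bit mask."""
    value = 0
    for name in spec.split(","):
        value |= FLAG_BITS[name.strip().upper()]
    return value


def matches(mask_spec, comp_spec, packet_flags):
    """True when, among the flags in mask, exactly those in comp are set."""
    return (packet_flags & parse_flags(mask_spec)) == parse_flags(comp_spec)


def equivalent(rule_a, rule_b):
    """Compare two (mask, comp) pairs over every possible flags byte."""
    return all(matches(*rule_a, f) == matches(*rule_b, f) for f in range(256))


def matching_sets(mask_spec, comp_spec):
    """Name every combination of the six flags that a rule matches."""
    found = []
    for f in range(64):
        if matches(mask_spec, comp_spec, f):
            found.append(",".join(n for n in NAMES if f & FLAG_BITS[n]) or "NONE")
    return found


if __name__ == "__main__":
    # Question 1 and question 2 from the post above.
    print(equivalent(("FIN,SYN,RST,PSH,ACK,URG", "NONE"), ("ALL", "NONE")))
    print(equivalent(("FIN,SYN", "FIN,SYN"), ("SYN,FIN", "SYN,FIN")))
    # The man page rule: PSH and URG are outside the mask, so they are ignored.
    print(matching_sets("SYN,ACK,FIN,RST", "SYN"))
```

Under this model a flag listed in comp but not in mask can never match, so `matching_sets("SYN", "SYN,ACK")` is empty; when writing drop rules, check that every comp flag also appears in mask.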