Re: [44net] Should I worry about this crud coming in via the tunnel?

2 Jan 2015


      Hello Arno.
In my Debian 7.7.0 gateway I use such rules for all amprnet interfaces:
-A INPUT ! -s 44.0.0.0/8 -i tunl0 -j DROP
-A INPUT ! -s 44.0.0.0/8 -i tun0 -j DROP
-A INPUT ! -s 44.0.0.0/8 -i tun1 -j DROP
-A INPUT ! -s 44.0.0.0/8 -i tun2 -j DROP
-A INPUT ! -s 44.0.0.0/8 -i sl0 -j DROP
-A INPUT ! -s 44.0.0.0/8 -i sl1 -j DROP
-A INPUT ! -s 44.0.0.0/8 -i sl2 -j DROP
I do not use  -d  <IP> (destination address) option at all.
Result:  ZERO non-44-net traffic!
Best regards.
-- 
Tom - SP2L
(ex sp2lob)
------------------------------------
It is nice to be important.
But it is more important to be nice!

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

Re: [44net] Should I worry about this crud coming in via the tunnel?