question on Iptables 1.2.8 stealth module patch
Posted:
Sun Apr 04, 2004 12:38 am
by syn
What does this patch do?
I read through the features page and didn't see much on iptables and stealth module.
Posted:
Mon Apr 05, 2004 4:42 pm
by argan0n
Taking a very quick look at the sources it seems to register a new 'stealth' match into the userland iptables bin. This is a hook to NETFILTER kernel code in "net/ipv4/netfilter/ipt_stealth.c" that looks as if it silently passes ipv4 tcp/udp packets on the INPUT chain.
Dunno if this is being used by default for anything, I just looked around really quick.
Posted:
Mon Apr 05, 2004 8:36 pm
by spender
It matches packets coming to unserved TCP and UDP ports.
example usage:
iptables -A INPUT -p tcp -m stealth -j DROP
iptables -A INPUT -p udp -m stealth -j DROP
-Brad
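A small wrapper for the usage Brad posted, added here as an example and not code from the thread or from grsecurity: it first checks whether the running kernel has registered the 'stealth' match, then adds the two INPUT rules, which are the only chain and protocols the module handles. The check assumes the 2.6-style /proc/net/ip_tables_matches listing; the function takes the file path as a parameter so the lookup can be pointed at a constructed file, and DRY_RUN=1 prints the rules instead of calling iptables.

```shell
#!/bin/sh
# Added example (not from the thread). Assumption: on a 2.6 kernel the
# registered iptables matches are listed one per line in
# /proc/net/ip_tables_matches; on kernels without that file the check fails
# closed and the admin is pointed at dmesg, as in pengu's report.

# stealth_match_registered [MATCHES_FILE]
#   Returns 0 if the match list contains a line that is exactly "stealth".
stealth_match_registered() {
    matches_file="${1:-/proc/net/ip_tables_matches}"
    [ -r "$matches_file" ] || return 1
    grep -qx 'stealth' "$matches_file"
}

# apply_stealth_rules [MATCHES_FILE]
#   Adds the two rules from the thread. The stealth match only works for TCP
#   and UDP on the INPUT chain, so nothing else is generated. With DRY_RUN=1
#   the iptables command lines are printed instead of executed.
apply_stealth_rules() {
    if ! stealth_match_registered "${1:-}"; then
        echo "stealth: match not registered in the running kernel; check dmesg" >&2
        return 1
    fi
    for proto in tcp udp; do
        if [ "${DRY_RUN:-0}" = 1 ]; then
            echo iptables -A INPUT -p "$proto" -m stealth -j DROP
        else
            iptables -A INPUT -p "$proto" -m stealth -j DROP || return 1
        fi
    done
}

# Only touch the firewall when explicitly asked: ./stealth.sh --apply
if [ "${1:-}" = "--apply" ]; then
    apply_stealth_rules
fi
```

Run it with DRY_RUN=1 first to see the exact rules it would add; if the match is missing, the error on stderr tells you to look at dmesg rather than guessing from iptables' generic "Invalid argument".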
Posted:
Thu Jun 02, 2005 3:47 am
by pengu
spender wrote:
It matches packets coming to unserved TCP and UDP ports.
example usage:
iptables -A INPUT -p tcp -m stealth -j DROP
iptables -A INPUT -p udp -m stealth -j DROP
-Brad
Hm.
2.6.11 --> works
2.4.30 --> does not
why?
iptables -A INPUT -p tcp -m stealth -j DROP
iptables: Invalid argument
iptables -A INPUT -p udp -m stealth -j DROP
iptables: Invalid argument
dmesg:
stealth: Only works on TCP and UDP for the INPUT chain.
stealth: Only works on TCP and UDP for the INPUT chain.
Both kernels are patched with grsecurity; iptables 1.2.11 is patched with the grsecurity patch.
any ideas?