
[ale] Blocking access to a subnet

On Mon, 2007-04-09 at 19:10 -0400, Christopher Fowler wrote:
> The logic behind that rule states that if the ppp interface is down then
> the kernel will try and route packets out of eth0 to the default
> gateway.  Eth0's address is  So if the source is
> then the ppp interface obviously is not up.  The test
> after I applied the rules showed that it worked great.  The only
> downside is that I had to know what the eth0 address is.  This means
> that on a server with DHCP if I use this rule I need to get that address
> before applying this rule.

The only downside to this rule is that with tcp-reset the app sees a
'connection refused'.  This is okay for all the apps with the exception
of one.  The one app reports to the user when it tries to connect and
that message could make the user think the remote device is up but
refusing to accept() any connections.
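
An added example, not part of the original thread: one way to handle the DHCP case the quoted message raises, by reading the current eth0 address and building the reject rule from it. The OUTPUT chain, the `ip` output format shown, and the subnet 192.0.2.0/24 are assumptions; the thread does not give the actual rule or addresses.

```shell
#!/bin/sh
# Added example: build the "source is eth0's address" reject rule at run time.
# Assumed, not from the thread: OUTPUT chain, subnet 192.0.2.0/24.

# Read `ip -o -4 addr show dev IFACE` output on stdin and print the first
# IPv4 address without its prefix length.
iface_addr() {
    awk '$3 == "inet" { sub(/\/.*/, "", $4); print $4; exit }'
}

# Print (do not run) the iptables command for source address $1 and blocked
# subnet $2. $3 is the REJECT type, defaulting to tcp-reset as in the thread.
build_rule() {
    src=$1 subnet=$2 reject=${3:-tcp-reset}
    # No lease yet (empty address) or garbage: refuse, so a rule with a
    # missing or wrong -s match is never installed.
    case $src in
        ''|*[!0-9.]*) echo "no usable source address" >&2; return 1 ;;
    esac
    # tcp-reset is only valid on rules that also match -p tcp.
    if [ "$reject" = tcp-reset ]; then proto="-p tcp "; else proto=""; fi
    printf 'iptables -A OUTPUT %s-s %s -d %s -j REJECT --reject-with %s\n' \
        "$proto" "$src" "$subnet" "$reject"
}

# Constructed sample of one line of `ip -o -4 addr show dev eth0` output.
SAMPLE='2: eth0    inet 198.51.100.23/24 brd 198.51.100.255 scope global dynamic eth0'

# On a live host, replace the printf with: ip -o -4 addr show dev eth0
addr=$(printf '%s\n' "$SAMPLE" | iface_addr)
build_rule "$addr" 192.0.2.0/24
```

Because the rule depends on the leased address, it has to be rebuilt whenever the DHCP lease changes the address.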