I have seen a rule that says it blocks packets from spoofed sources and I was wondering how that works.
I only want to communicate with devices that are actually connected to my network that I can see in my router page.
I was wondering how I would apply these rules using iptables here is some information that may help you
Linux kali 5.18.0-kali5-amd64 #1 SMP PREEMPT_DYNAMIC Debian 5.18.5-1kali6 (2022-07-07) x86_64 GNU/Linux
iptables v1.8.8 (nf_tables)
Here are my rules
Chain INPUT (policy ACCEPT 2 packets, 130 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,22,23,5555,5037 state NEW
0 0 DROP tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,22,23,5555,5037 state ESTABLISHED
0 0 DROP icmp -- 0.0.0.0/0 0.0.0.0/0
0 0 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 state INVALID reject-with icmp-port-unreachable
0 0 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 state RELATED reject-with icmp-port-unreachable
0 0 REJECT all -- 0.0.0.0/0 0.0.0.0/0 MAC 2c:54:91:95:3b:3a reject-with icmp-port-unreachable
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 1 packets, 82 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,22,23,5555,5037 state NEW
0 0 DROP tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,22,23,5555,5037 state ESTABLISHED
0 0 DROP icmp -- 0.0.0.0/0 0.0.0.0/0
0 0 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 state INVALID reject-with icmp-port-unreachable
0 0 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 state RELATED reject-with icmp-port-unreachable
Zeroing chain INPUT' Zeroing chainFORWARD'
Zeroing chain `OUTPUT'
I have seen a rule that says it blocks packets from spoofed sources and I was wondering how that works. I only want to communicate with devices that are actually connected to my network that I can see in my router page.
I was wondering how I would apply these rules using iptables here is some information that may help you
Linux kali 5.18.0-kali5-amd64 #1 SMP PREEMPT_DYNAMIC Debian 5.18.5-1kali6 (2022-07-07) x86_64 GNU/Linux iptables v1.8.8 (nf_tables)
Here are my rules
Chain INPUT (policy ACCEPT 2 packets, 130 bytes) pkts bytes target prot opt in out source destination
0 0 DROP tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,22,23,5555,5037 state NEW 0 0 DROP tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,22,23,5555,5037 state ESTABLISHED 0 0 DROP icmp -- 0.0.0.0/0 0.0.0.0/0
0 0 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 state INVALID reject-with icmp-port-unreachable 0 0 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 state RELATED reject-with icmp-port-unreachable 0 0 REJECT all -- 0.0.0.0/0 0.0.0.0/0 MAC 2c:54:91:95:3b:3a reject-with icmp-port-unreachable
Chain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 1 packets, 82 bytes) pkts bytes target prot opt in out source destination
0 0 DROP tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,22,23,5555,5037 state NEW 0 0 DROP tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 21,22,23,5555,5037 state ESTABLISHED 0 0 DROP icmp -- 0.0.0.0/0 0.0.0.0/0
0 0 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 state INVALID reject-with icmp-port-unreachable 0 0 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 state RELATED reject-with icmp-port-unreachable Zeroing chain
INPUT' Zeroing chain
FORWARD' Zeroing chain `OUTPUT'