u32 filter udp lenght 0 to 29

Posted by Mark Ocok on Server Fault See other posts from Server Fault or by Mark Ocok
Published on 2012-11-21T06:20:05Z Indexed on 2012/11/21 11:05 UTC
Read the original article Hit count: 171

Filed under:

linux

|

iptables

Sep 30 18:20:02 30AA30 kernel: ** IN_UDP DROP ** IN=eth0 OUT= MAC=b8:ac:6f:99:8e:b2:a8:d0:e5:bf:71:81:08:00 SRC=66.225.232.169 DST=68.68.27.84 LEN=28 TOS=0x00 PREC=0x00 TTL=49 ID=21668 DF PROTO=UDP SPT=48153 DPT=16078 LEN=8
Sep 30 18:20:02 30AA30 kernel: ** IN_UDP DROP ** IN=eth0 OUT= MAC=b8:ac:6f:99:8e:b2:a8:d0:e5:bf:71:81:08:00 SRC=66.225.232.169 DST=68.68.27.84 LEN=28 TOS=0x00 PREC=0x00 TTL=49 ID=21669 DF PROTO=UDP SPT=48153 DPT=16078 LEN=8
Sep 30 18:20:02 30AA30 kernel: ** IN_UDP DROP ** IN=eth0 OUT= MAC=b8:ac:6f:99:8e:b2:a8:d0:e5:bf:71:81:08:00 SRC=66.225.232.169 DST=68.68.27.84 LEN=28 TOS=0x00 PREC=0x00 TTL=49 ID=21670 DF PROTO=UDP SPT=48153 DPT=16078 LEN=8
Sep 30 18:20:02 30AA30 kernel: ** IN_UDP DROP ** IN=eth0 OUT= MAC=b8:ac:6f:99:8e:b2:a8:d0:e5:bf:71:81:08:00 SRC=66.225.232.169 DST=68.68.27.84 LEN=28 TOS=0x00 PREC=0x00 TTL=49 ID=21671 DF PROTO=UDP SPT=48153 DPT=16078 LEN=8

It's Spoofing attack dos, how to block Spoofing UDP lenght 0 to 29 using u32 Flooder target udp length udp 0 to 29

© Server Fault or respective owner

Related posts about linux

apt-get install and update fail

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I've got a problem with apt-get update and apt-get install ... commands . every time update or installing fails and errors are : Get:1 http://dl.google.com stable Release.gpg [198B] Ign http://dl.google.com/linux/chrome/deb/ stable/main Translation-en_US Get:2 http://dl… >>> More
kernel module compiling error

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
sh@ubuntu:/home/ccpp/helloworld$ make gcc-4.6 -O2 -DMODULE -D_KERNEL_ -W -Wall -Wstrict-prototypes -Wmissing-prototypes -isystem /lib/modules/`uname -r`/build/include -c -o hello-1.o hello-1.c hello-1.c:4:0: warning: "MODULE" redefined [enabled by default] <command-line>:0:0: note: this is… >>> More
Build-Essentials installation failing

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I am having trouble accessing the several critical header files that show to be a part of the build process. The "Ubuntu Software Center" shows "Build Essentials" as installed: Next I did the following two commands, which did not improve the problem: ~$ sudo apt-get install build-essential [sudo]… >>> More
Updating Debian kernel

as seen on Super User - Search for 'Super User'
I'm trying to update my Debian machine to 2.6.32-46 (which is the new stable). However, after doing apt-get update my apt-cache search linux-image shows me: linux-headers-2.6.32-5-486 - Header files for Linux 2.6.32-5-486 linux-headers-2.6.32-5-686-bigmem - Header files for Linux 2.6.32-5-686-bigmem linux-headers-2… >>> More
Serial connection over a single USB cable (Windows to linux, or linux to linux)

as seen on Server Fault - Search for 'Server Fault'
I'm helping out with a project for an embedded device that only has USB and no serial. This device is running Linux. These days, when we need to connect to a serial port on a device we typically use a USB to serial adapter (on something like a phone system or a load balancing device, etc). I would… >>> More

Related posts about iptables

Sometimes this script fails to update the iptables

as seen on Server Fault - Search for 'Server Fault'
It does not happen often, but sometimes after running the below script, checking the iptables with service iptables status shows that they weren't updated and the script doesn't output any error. The iptables is structured as look-up tree (long repeated sections snipped): #!/bin/sh iptables -t… >>> More
My current iptable configuration doesn't work [on hold]

as seen on Server Fault - Search for 'Server Fault'
sudo chkconfig iptables off /etc/init.d/iptables on ### Clear/flush iptables sudo iptables -F sudo iptables -P INPUT ACCEPT sudo iptables -P OUTPUT ACCEPT sudo iptables -P FORWARD ACCEPT ### Allow SSH iptables -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables… >>> More
L2TP iptables port forward

as seen on Server Fault - Search for 'Server Fault'
Hi all, I'm setting up port forwarding for an L2TP VPN connection to the local Windows 2003 VPN server. The router is a simpel Debian machine with iptables. The VPN server works perfect. But I cannot log in from the WAN. I'm missing something. The VPN server is using a pre-shared key (L2TP) and… >>> More
iptables -P FORWARD DROP makes port forwarding slow

as seen on Server Fault - Search for 'Server Fault'
I have three computers, linked like this: box1 (ubuntu) box2 router & gateway (debian) box3 (opensuse) [10.0.1.1] ---- [10.0.1.18,10.0.2.18,10.0.3.18] ---- [10.0.3.15] | box4, www [10.0.2.1] Among other… >>> More
IPtables AWS EC2 NAT/Reverse NAT - For Reverse Proxy style setup but with IPtables

as seen on Server Fault - Search for 'Server Fault'
I was thinking initially needing to do a reverse proxy or something so I could get some SSL/TLS traffic look like it is being terminated at a server and IP address in the AWS cloud, and then that traffic is forwarded onto our actual web servers that aren't in the cloud... I've not done much iptables… >>> More