Does routing table work like a per-IP-address firewall, while iptables work like a per-port firewall?How to send packets coming from a second router on a particular port back to the router, using iptables not a routeHow does Linux handle 2 identical destinations in its routing table?ip rule not acting on fwmarkVPN with iptables and routing: access port from local networkdebian - iptables doesn't work for allowing one specific portiptables time rule does not work in reverse timeIPTABLES CONFIGURATION CIDR notationWhy does a routing rule directing to a local network interface accept more than one destination IP addreses?What do a network route and a host route look like in a routing table?How can I access a virtual machine running on a remote machine directly?

Finding files for which a command fails

Could Giant Ground Sloths have been a good pack animal for the ancient Mayans?

How did the USSR manage to innovate in an environment characterized by government censorship and high bureaucracy?

extract characters between two commas?

How can I fix this gap between bookcases I made?

Is it legal to have the "// (c) 2019 John Smith" header in all files when there are hundreds of contributors?

How to make payment on the internet without leaving a money trail?

Is ipsum/ipsa/ipse a third person pronoun, or can it serve other functions?

Can a planet have a different gravitational pull depending on its location in orbit around its sun?

Denied boarding due to overcrowding, Sparpreis ticket. What are my rights?

Why was the "bread communication" in the arena of Catching Fire left out in the movie?

What causes the sudden spool-up sound from an F-16 when enabling afterburner?

Is "plugging out" electronic devices an American expression?

What do the Banks children have against barley water?

Unbreakable Formation vs. Cry of the Carnarium

Could a US political party gain complete control over the government by removing checks & balances?

Information to fellow intern about hiring?

Why doesn't a const reference extend the life of a temporary object passed via a function?

What is GPS' 19 year rollover and does it present a cybersecurity issue?

Is every set a filtered colimit of finite sets?

Is there any use for defining additional entity types in a SOQL FROM clause?

Why do UK politicians seemingly ignore opinion polls on Brexit?

Re-submission of rejected manuscript without informing co-authors

How is it possible for user's password to be changed after storage was encrypted? (on OS X, Android)



Does routing table work like a per-IP-address firewall, while iptables work like a per-port firewall?


How to send packets coming from a second router on a particular port back to the router, using iptables not a routeHow does Linux handle 2 identical destinations in its routing table?ip rule not acting on fwmarkVPN with iptables and routing: access port from local networkdebian - iptables doesn't work for allowing one specific portiptables time rule does not work in reverse timeIPTABLES CONFIGURATION CIDR notationWhy does a routing rule directing to a local network interface accept more than one destination IP addreses?What do a network route and a host route look like in a routing table?How can I access a virtual machine running on a remote machine directly?






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;








0















I heard that in a routing table, we can drop packets. Does that work like a per-IP-address firewall to prevent access to certain range of IP addresses from the local device?



In comparison, does iptables work as a per-port firewall to prevent access to certain port from the local device?



Thanks.










share|improve this question



















  • 1





    Do you have a reference for the “I heard that ...” part? Regarding iptables, have you considered the usefulness or otherwise of the -s and -d parameters?

    – Stephen Kitt
    Mar 28 at 13:57











  • How does a per-IP-address firewall work? How does a per-port firewall work? I do not believe it is possible to block local system connections to local ports using iptables. I can't think of a use case where it would be necessary to actively block/drop/deny access from a local process to a local port. It sounds like you are discussing using network level activities to try and restrict system process functions. That dog won't hunt.

    – 0xSheepdog
    Mar 28 at 14:33












  • @StephenKitt Yes, I have. See my update.

    – Tim
    Mar 28 at 15:11






  • 1





    @Tim so why would iptables support specifying source and/or destination addresses if it’s a per-port firewall (whatever that means)?

    – Stephen Kitt
    Mar 28 at 15:31











  • Does a "per-port firewall" mean anything? What?

    – mosvy
    Mar 28 at 19:24

















0















I heard that in a routing table, we can drop packets. Does that work like a per-IP-address firewall to prevent access to certain range of IP addresses from the local device?



In comparison, does iptables work as a per-port firewall to prevent access to certain port from the local device?



Thanks.










share|improve this question



















  • 1





    Do you have a reference for the “I heard that ...” part? Regarding iptables, have you considered the usefulness or otherwise of the -s and -d parameters?

    – Stephen Kitt
    Mar 28 at 13:57











  • How does a per-IP-address firewall work? How does a per-port firewall work? I do not believe it is possible to block local system connections to local ports using iptables. I can't think of a use case where it would be necessary to actively block/drop/deny access from a local process to a local port. It sounds like you are discussing using network level activities to try and restrict system process functions. That dog won't hunt.

    – 0xSheepdog
    Mar 28 at 14:33












  • @StephenKitt Yes, I have. See my update.

    – Tim
    Mar 28 at 15:11






  • 1





    @Tim so why would iptables support specifying source and/or destination addresses if it’s a per-port firewall (whatever that means)?

    – Stephen Kitt
    Mar 28 at 15:31











  • Does a "per-port firewall" mean anything? What?

    – mosvy
    Mar 28 at 19:24













0












0








0








I heard that in a routing table, we can drop packets. Does that work like a per-IP-address firewall to prevent access to certain range of IP addresses from the local device?



In comparison, does iptables work as a per-port firewall to prevent access to certain port from the local device?



Thanks.










share|improve this question
















I heard that in a routing table, we can drop packets. Does that work like a per-IP-address firewall to prevent access to certain range of IP addresses from the local device?



In comparison, does iptables work as a per-port firewall to prevent access to certain port from the local device?



Thanks.







iptables routing firewall






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Mar 28 at 14:11







Tim

















asked Mar 28 at 12:38









TimTim

28.5k79269491




28.5k79269491







  • 1





    Do you have a reference for the “I heard that ...” part? Regarding iptables, have you considered the usefulness or otherwise of the -s and -d parameters?

    – Stephen Kitt
    Mar 28 at 13:57











  • How does a per-IP-address firewall work? How does a per-port firewall work? I do not believe it is possible to block local system connections to local ports using iptables. I can't think of a use case where it would be necessary to actively block/drop/deny access from a local process to a local port. It sounds like you are discussing using network level activities to try and restrict system process functions. That dog won't hunt.

    – 0xSheepdog
    Mar 28 at 14:33












  • @StephenKitt Yes, I have. See my update.

    – Tim
    Mar 28 at 15:11






  • 1





    @Tim so why would iptables support specifying source and/or destination addresses if it’s a per-port firewall (whatever that means)?

    – Stephen Kitt
    Mar 28 at 15:31











  • Does a "per-port firewall" mean anything? What?

    – mosvy
    Mar 28 at 19:24












  • 1





    Do you have a reference for the “I heard that ...” part? Regarding iptables, have you considered the usefulness or otherwise of the -s and -d parameters?

    – Stephen Kitt
    Mar 28 at 13:57











  • How does a per-IP-address firewall work? How does a per-port firewall work? I do not believe it is possible to block local system connections to local ports using iptables. I can't think of a use case where it would be necessary to actively block/drop/deny access from a local process to a local port. It sounds like you are discussing using network level activities to try and restrict system process functions. That dog won't hunt.

    – 0xSheepdog
    Mar 28 at 14:33












  • @StephenKitt Yes, I have. See my update.

    – Tim
    Mar 28 at 15:11






  • 1





    @Tim so why would iptables support specifying source and/or destination addresses if it’s a per-port firewall (whatever that means)?

    – Stephen Kitt
    Mar 28 at 15:31











  • Does a "per-port firewall" mean anything? What?

    – mosvy
    Mar 28 at 19:24







1




1





Do you have a reference for the “I heard that ...” part? Regarding iptables, have you considered the usefulness or otherwise of the -s and -d parameters?

– Stephen Kitt
Mar 28 at 13:57





Do you have a reference for the “I heard that ...” part? Regarding iptables, have you considered the usefulness or otherwise of the -s and -d parameters?

– Stephen Kitt
Mar 28 at 13:57













How does a per-IP-address firewall work? How does a per-port firewall work? I do not believe it is possible to block local system connections to local ports using iptables. I can't think of a use case where it would be necessary to actively block/drop/deny access from a local process to a local port. It sounds like you are discussing using network level activities to try and restrict system process functions. That dog won't hunt.

– 0xSheepdog
Mar 28 at 14:33






How does a per-IP-address firewall work? How does a per-port firewall work? I do not believe it is possible to block local system connections to local ports using iptables. I can't think of a use case where it would be necessary to actively block/drop/deny access from a local process to a local port. It sounds like you are discussing using network level activities to try and restrict system process functions. That dog won't hunt.

– 0xSheepdog
Mar 28 at 14:33














@StephenKitt Yes, I have. See my update.

– Tim
Mar 28 at 15:11





@StephenKitt Yes, I have. See my update.

– Tim
Mar 28 at 15:11




1




1





@Tim so why would iptables support specifying source and/or destination addresses if it’s a per-port firewall (whatever that means)?

– Stephen Kitt
Mar 28 at 15:31





@Tim so why would iptables support specifying source and/or destination addresses if it’s a per-port firewall (whatever that means)?

– Stephen Kitt
Mar 28 at 15:31













Does a "per-port firewall" mean anything? What?

– mosvy
Mar 28 at 19:24





Does a "per-port firewall" mean anything? What?

– mosvy
Mar 28 at 19:24










0






active

oldest

votes












Your Answer








StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);













draft saved

draft discarded


















StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f509205%2fdoes-routing-table-work-like-a-per-ip-address-firewall-while-iptables-work-like%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown

























0






active

oldest

votes








0






active

oldest

votes









active

oldest

votes






active

oldest

votes















draft saved

draft discarded
















































Thanks for contributing an answer to Unix & Linux Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid


  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.

To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f509205%2fdoes-routing-table-work-like-a-per-ip-address-firewall-while-iptables-work-like%23new-answer', 'question_page');

);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







-firewall, iptables, routing

Popular posts from this blog

Frič See also Navigation menuinternal link

Identify plant with long narrow paired leaves and reddish stems Planned maintenance scheduled April 17/18, 2019 at 00:00UTC (8:00pm US/Eastern) Announcing the arrival of Valued Associate #679: Cesar Manara Unicorn Meta Zoo #1: Why another podcast?What is this plant with long sharp leaves? Is it a weed?What is this 3ft high, stalky plant, with mid sized narrow leaves?What is this young shrub with opposite ovate, crenate leaves and reddish stems?What is this plant with large broad serrated leaves?Identify this upright branching weed with long leaves and reddish stemsPlease help me identify this bulbous plant with long, broad leaves and white flowersWhat is this small annual with narrow gray/green leaves and rust colored daisy-type flowers?What is this chilli plant?Does anyone know what type of chilli plant this is?Help identify this plant

fontconfig warning: “/etc/fonts/fonts.conf”, line 100: unknown “element blank” The 2019 Stack Overflow Developer Survey Results Are In“tar: unrecognized option --warning” during 'apt-get install'How to fix Fontconfig errorHow do I figure out which font file is chosen for a system generic font alias?Why are some apt-get-installed fonts being ignored by fc-list, xfontsel, etc?Reload settings in /etc/fonts/conf.dTaking 30 seconds longer to boot after upgrade from jessie to stretchHow to match multiple font names with a single <match> element?Adding a custom font to fontconfigRemoving fonts from fontconfig <match> resultsBroken fonts after upgrading Firefox ESR to latest Firefox