Does routing table work like a per-IP-address firewall, while iptables work like a per-port firewall?How to send packets coming from a second router on a particular port back to the router, using iptables not a routeHow does Linux handle 2 identical destinations in its routing table?ip rule not acting on fwmarkVPN with iptables and routing: access port from local networkdebian - iptables doesn't work for allowing one specific portiptables time rule does not work in reverse timeIPTABLES CONFIGURATION CIDR notationWhy does a routing rule directing to a local network interface accept more than one destination IP addreses?What do a network route and a host route look like in a routing table?How can I access a virtual machine running on a remote machine directly?
Finding files for which a command fails
Could Giant Ground Sloths have been a good pack animal for the ancient Mayans?
How did the USSR manage to innovate in an environment characterized by government censorship and high bureaucracy?
extract characters between two commas?
How can I fix this gap between bookcases I made?
Is it legal to have the "// (c) 2019 John Smith" header in all files when there are hundreds of contributors?
How to make payment on the internet without leaving a money trail?
Is ipsum/ipsa/ipse a third person pronoun, or can it serve other functions?
Can a planet have a different gravitational pull depending on its location in orbit around its sun?
Denied boarding due to overcrowding, Sparpreis ticket. What are my rights?
Why was the "bread communication" in the arena of Catching Fire left out in the movie?
What causes the sudden spool-up sound from an F-16 when enabling afterburner?
Is "plugging out" electronic devices an American expression?
What do the Banks children have against barley water?
Unbreakable Formation vs. Cry of the Carnarium
Could a US political party gain complete control over the government by removing checks & balances?
Information to fellow intern about hiring?
Why doesn't a const reference extend the life of a temporary object passed via a function?
What is GPS' 19 year rollover and does it present a cybersecurity issue?
Is every set a filtered colimit of finite sets?
Is there any use for defining additional entity types in a SOQL FROM clause?
Why do UK politicians seemingly ignore opinion polls on Brexit?
Re-submission of rejected manuscript without informing co-authors
How is it possible for user's password to be changed after storage was encrypted? (on OS X, Android)
Does routing table work like a per-IP-address firewall, while iptables work like a per-port firewall?
How to send packets coming from a second router on a particular port back to the router, using iptables not a routeHow does Linux handle 2 identical destinations in its routing table?ip rule not acting on fwmarkVPN with iptables and routing: access port from local networkdebian - iptables doesn't work for allowing one specific portiptables time rule does not work in reverse timeIPTABLES CONFIGURATION CIDR notationWhy does a routing rule directing to a local network interface accept more than one destination IP addreses?What do a network route and a host route look like in a routing table?How can I access a virtual machine running on a remote machine directly?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty margin-bottom:0;
I heard that in a routing table, we can drop packets. Does that work like a per-IP-address firewall to prevent access to certain range of IP addresses from the local device?
In comparison, does iptables
work as a per-port firewall to prevent access to certain port from the local device?
Thanks.
iptables routing firewall
add a comment |
I heard that in a routing table, we can drop packets. Does that work like a per-IP-address firewall to prevent access to certain range of IP addresses from the local device?
In comparison, does iptables
work as a per-port firewall to prevent access to certain port from the local device?
Thanks.
iptables routing firewall
1
Do you have a reference for the “I heard that ...” part? Regardingiptables
, have you considered the usefulness or otherwise of the-s
and-d
parameters?
– Stephen Kitt
Mar 28 at 13:57
How does a per-IP-address firewall work? How does a per-port firewall work? I do not believe it is possible to block local system connections to local ports using iptables. I can't think of a use case where it would be necessary to actively block/drop/deny access from a local process to a local port. It sounds like you are discussing using network level activities to try and restrict system process functions. That dog won't hunt.
– 0xSheepdog
Mar 28 at 14:33
@StephenKitt Yes, I have. See my update.
– Tim
Mar 28 at 15:11
1
@Tim so why wouldiptables
support specifying source and/or destination addresses if it’s a per-port firewall (whatever that means)?
– Stephen Kitt
Mar 28 at 15:31
Does a "per-port firewall" mean anything? What?
– mosvy
Mar 28 at 19:24
add a comment |
I heard that in a routing table, we can drop packets. Does that work like a per-IP-address firewall to prevent access to certain range of IP addresses from the local device?
In comparison, does iptables
work as a per-port firewall to prevent access to certain port from the local device?
Thanks.
iptables routing firewall
I heard that in a routing table, we can drop packets. Does that work like a per-IP-address firewall to prevent access to certain range of IP addresses from the local device?
In comparison, does iptables
work as a per-port firewall to prevent access to certain port from the local device?
Thanks.
iptables routing firewall
iptables routing firewall
edited Mar 28 at 14:11
Tim
asked Mar 28 at 12:38
TimTim
28.5k79269491
28.5k79269491
1
Do you have a reference for the “I heard that ...” part? Regardingiptables
, have you considered the usefulness or otherwise of the-s
and-d
parameters?
– Stephen Kitt
Mar 28 at 13:57
How does a per-IP-address firewall work? How does a per-port firewall work? I do not believe it is possible to block local system connections to local ports using iptables. I can't think of a use case where it would be necessary to actively block/drop/deny access from a local process to a local port. It sounds like you are discussing using network level activities to try and restrict system process functions. That dog won't hunt.
– 0xSheepdog
Mar 28 at 14:33
@StephenKitt Yes, I have. See my update.
– Tim
Mar 28 at 15:11
1
@Tim so why wouldiptables
support specifying source and/or destination addresses if it’s a per-port firewall (whatever that means)?
– Stephen Kitt
Mar 28 at 15:31
Does a "per-port firewall" mean anything? What?
– mosvy
Mar 28 at 19:24
add a comment |
1
Do you have a reference for the “I heard that ...” part? Regardingiptables
, have you considered the usefulness or otherwise of the-s
and-d
parameters?
– Stephen Kitt
Mar 28 at 13:57
How does a per-IP-address firewall work? How does a per-port firewall work? I do not believe it is possible to block local system connections to local ports using iptables. I can't think of a use case where it would be necessary to actively block/drop/deny access from a local process to a local port. It sounds like you are discussing using network level activities to try and restrict system process functions. That dog won't hunt.
– 0xSheepdog
Mar 28 at 14:33
@StephenKitt Yes, I have. See my update.
– Tim
Mar 28 at 15:11
1
@Tim so why wouldiptables
support specifying source and/or destination addresses if it’s a per-port firewall (whatever that means)?
– Stephen Kitt
Mar 28 at 15:31
Does a "per-port firewall" mean anything? What?
– mosvy
Mar 28 at 19:24
1
1
Do you have a reference for the “I heard that ...” part? Regarding
iptables
, have you considered the usefulness or otherwise of the -s
and -d
parameters?– Stephen Kitt
Mar 28 at 13:57
Do you have a reference for the “I heard that ...” part? Regarding
iptables
, have you considered the usefulness or otherwise of the -s
and -d
parameters?– Stephen Kitt
Mar 28 at 13:57
How does a per-IP-address firewall work? How does a per-port firewall work? I do not believe it is possible to block local system connections to local ports using iptables. I can't think of a use case where it would be necessary to actively block/drop/deny access from a local process to a local port. It sounds like you are discussing using network level activities to try and restrict system process functions. That dog won't hunt.
– 0xSheepdog
Mar 28 at 14:33
How does a per-IP-address firewall work? How does a per-port firewall work? I do not believe it is possible to block local system connections to local ports using iptables. I can't think of a use case where it would be necessary to actively block/drop/deny access from a local process to a local port. It sounds like you are discussing using network level activities to try and restrict system process functions. That dog won't hunt.
– 0xSheepdog
Mar 28 at 14:33
@StephenKitt Yes, I have. See my update.
– Tim
Mar 28 at 15:11
@StephenKitt Yes, I have. See my update.
– Tim
Mar 28 at 15:11
1
1
@Tim so why would
iptables
support specifying source and/or destination addresses if it’s a per-port firewall (whatever that means)?– Stephen Kitt
Mar 28 at 15:31
@Tim so why would
iptables
support specifying source and/or destination addresses if it’s a per-port firewall (whatever that means)?– Stephen Kitt
Mar 28 at 15:31
Does a "per-port firewall" mean anything? What?
– mosvy
Mar 28 at 19:24
Does a "per-port firewall" mean anything? What?
– mosvy
Mar 28 at 19:24
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f509205%2fdoes-routing-table-work-like-a-per-ip-address-firewall-while-iptables-work-like%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f509205%2fdoes-routing-table-work-like-a-per-ip-address-firewall-while-iptables-work-like%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
-firewall, iptables, routing
1
Do you have a reference for the “I heard that ...” part? Regarding
iptables
, have you considered the usefulness or otherwise of the-s
and-d
parameters?– Stephen Kitt
Mar 28 at 13:57
How does a per-IP-address firewall work? How does a per-port firewall work? I do not believe it is possible to block local system connections to local ports using iptables. I can't think of a use case where it would be necessary to actively block/drop/deny access from a local process to a local port. It sounds like you are discussing using network level activities to try and restrict system process functions. That dog won't hunt.
– 0xSheepdog
Mar 28 at 14:33
@StephenKitt Yes, I have. See my update.
– Tim
Mar 28 at 15:11
1
@Tim so why would
iptables
support specifying source and/or destination addresses if it’s a per-port firewall (whatever that means)?– Stephen Kitt
Mar 28 at 15:31
Does a "per-port firewall" mean anything? What?
– mosvy
Mar 28 at 19:24