02-27-2014
[SOLVED] AFWall+ iptables help
I am attempting to block connection to a specific BSSID. My friend's son has been getting around the access restrictions I set for the family on my friend's behalf (I have Tomato running on his Linksys), and his son has access to the neighbour's wifi. I want to be able to block the connection to this wifi. I am experimenting with this at home by trying to block my phone from accessing my router. I tried this IP table first:
$IPTABLES -A INPUT -m mac --mac-source 00:00:00:00:00:00 -j DROP
(of course, the 00:00:00:00:00:00 represents the actual MAC address which I am not posting here; and I used all caps for the address)
I still had access to the internet.
I also tried:
$IPTABLES -A INPUT -m mac --mac-source 00:00:00:00:00:00 -j REJECT
Still had access. Though this is not ideal (because the public IP is dynamic and I have no access to the neighbour's router to add a dynamic dns address to implement this should I go this route), I then tried my public IP address:
$IPTABLES -I INPUT -s 11.222.33.44 -j DROP
I still had access to the internet through my router. So I tried this iptable for the fun of it:
$IPTABLES -I INPUT -s 11.222.33.44 -j REJECT
I could still access the internet. Is it even possible to do what I'm trying to do?
P.S. - My phone, as well as my friend's son's phone is rooted.
Last edited by 3happypenguins; 02-27-2014 at 11:55 AM..
Reason: code tags
8 More Discussions You Might Find Interesting
1. AIX
Generally, most people, I guess, go from 5.3 ML4 Directly to TL 7. So they may never run into this issue.
For the rest of us, here is the resolution of my problem in going from ML6 to TL7.
Apparently with the change from ML to TL IBM added a "BuildDate Verification" routine into... (1 Reply)
Discussion started by: mrmurdock
1 Replies
2. Shell Programming and Scripting
i have two files as
file1:
1
2
3
file2:
a
b
c
and the output should be:
file3:
1~a
2~b
3~c (1 Reply)
Discussion started by: mlpathir
1 Replies
3. UNIX for Advanced & Expert Users
Hello,
I'm having problem with an iptables rule. It seems that on one of two systems on the nat table, the INPUT chain doesn't exist for some strange reason.
I get the error below:
# iptables -t nat -A INPUT -j ACCEPT
iptables: No chain/target/match by that name.
Here is my kernel on... (0 Replies)
Discussion started by: Narnie
0 Replies
4. Shell Programming and Scripting
Hi,
I am using below script to get the below given output. But i am wondering how to pick the names from below output.
Script:
echo "dis ql(*) cluster(CT.CL.RIBRSBT3)"| runmqsc CT.QM.701t8|egrep QUEUE|sed -e 's/QUEUE(/ /'|sed -e 's/)/ /'
Output:
... (10 Replies)
Discussion started by: darling
10 Replies
5. Shell Programming and Scripting
Hi, I am trying to permutate each column (Except for IDS).
file.txt
FID IID TOAST1 TOAST2 TOAST3
ID3 ID3 1 -9 2
ID4 ID4 2 1 1
ID1 ID1 -9 -9 1
ID8 ID8 1 1 -9
ID12 ID12 1 2 2
for toast1 column, there are two 1's, two 2's and one -9. Having the same number of denominations,... (2 Replies)
Discussion started by: johnkim0806
2 Replies
6. UNIX for Dummies Questions & Answers
Hi all,
I have two doms on my machine. I boot my machine from an rfs in one dom1 and mount the other rfs in the other dom2 at /media. Now I wanted to restrict access of users on dom2 to only their home directories. I do not want them to access any other directories on dom1 or dom2. So I mounted... (2 Replies)
Discussion started by: sai2krishna
2 Replies
7. Shell Programming and Scripting
Hello,
This is really breaking my head. I request you help to solve this problem.
I have a list of files at the source directory (/tmp) as below,
NewTransfer_20131202_APAC.dat
NewTransferFile_20131202_APAC.dat
NewTransfer_20131203_APAC.dat
NewTransferFile_20131203_APAC.dat... (3 Replies)
Discussion started by: sravicha
3 Replies
8. UNIX for Dummies Questions & Answers
Hi,
One of our old Digital Alpha Server has died (CPU Failure). I want to recover a file from that server. Backups were done via Networker, however, cross platform recovery is not supported and I don't have any other TRU64 server available.
Is there a VM or Emulator available which can get... (1 Reply)
Discussion started by: Mack1982
1 Replies
LEARN ABOUT DEBIAN
arno-iptables-firewall
ARNO-IPTABLES-FIREWALL(8) ARNO-IPTABLES-FIREWALL(8)
NAME
arno-iptables-firewall - Single- & multi-homed firewall script with DSL/ADSL support.
SYNOPSIS
/etc/init.d/arno-iptables-firewall [start|stop|status|force-reload|restart]
DESCRIPTION
arno-iptables-firewall is an iptables configuration script with support for both IPv4 & IPv6. While it is extremely easy to use one can
nevertheless use it in quite complicated environments.
All available options are explained in the extensively documented configuration file.
The external interface of the system needs to be set up properly in the firewalls configuration file (EXT_IF). The default behavior of the
firewall is to deny all incoming connections.
For additional requirements not covered by the configuration file custom iptables rules can be placed in /etc/arno-iptables-firewall/cus-
tom-rules. This file is automatically parsed by the service script.
See the README file (eg. in /usr/(local/)share/doc/arno-iptables-firewall) for an example how to manage logging of firewall events through
syslogd.
The arno-fwfilter script can be used to make the firewall logs more readable for humans (see manpage).
Several plugins for the firewall script are available online. Plugins can be downloaded from http://rocky.eld.leidenuniv.nl/ Please see the
README file for more information.
FILES
/etc/init.d/arno-iptables-firewall system service script
/etc/arno-iptables-firewall/firewall.conf firewall configuration
/etc/arno-iptables-firewall/conf.d/ firewall configuration directory
/etc/arno-iptables-firewall/custom-rules custom iptables rules
/etc/arno-iptables-firewall/blocked-hosts host blacklist
/etc/arno-iptables-firewall/mac-addresses mac filter list
Please note, that the last two files do exist in the initial configuration and their use is disabled in /etc/arno-iptables-firewall/fire-
wall.conf
SEE ALSO
iptables(8), arno-fwfilter(1), syslog.conf(5)
The http://rocky.eld.leidenuniv.nl/ web site.
AUTHOR
arno-iptables-firewall was written by Arno van Amersfoort <arnova@rocky.eld.leidenuniv.nl>.
This manual page was written by Michael Hanke <michael.hanke@gmail.com>, for the Debian project (but may be used by others).
Michael Hanke March 14, 2012 ARNO-IPTABLES-FIREWALL(8)