Thanks for the help! Since my iptables are intended to reject everything in adhoc interface (iptables -A INPUT -i adhoc -j REJECT and iptables -A OUTPUT -o adhoc -j REJECT), the problem that you pointed must be whats happening. Thanks for help :)
On Thu, May 4, 2017 at 7:34 PM, Martin Wegner wegner@ibr.cs.tu-bs.de wrote:
Thanks for the details, that rules some of the possibilities out.
Ok, so a quick google search ("wireshark and iptables") revealed that due to libpcap, wireshark is able to see network packets directly from the NIC before they are handled by the OS [0].
This means, that you will see packets in wireshark which are to be dropped via iptables, however, they should not arrive in the application.
[0] https://unix.stackexchange.com/questions/248090/how-can- wireshark-see-packets-dropped-by-iptables
Hope that helps,
Martin
On 05/04/2017 08:29 PM, Leonel Gaspar Soares wrote:
The two nodes involved have adresses 10.0.0.1 and 10.0.0.3. When I aply in 10.0.0.1 the rule
iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP
I expect to reject all traffic in this node, am I right? Whith these rules, in node 10.0.0.1, in the interface adhoc (wifi) after these rules been applied, the packets I see with tcpdump -i adhoc are:
IP 10.0.0.3.4551 > 224.0.0.142.4551: UDP
Should'nt these packets been rejected/blocked in node 10.0.0.1? IBR-DTN is not running in 10.0.0.1, but running in 10.0.0.3.
On Thu, May 4, 2017 at 7:17 PM, Martin Wegner <wegner@ibr.cs.tu-bs.de mailto:wegner@ibr.cs.tu-bs.de> wrote:
Hey, I think without (a lot of) further details nobody here might be ableto
help you. When you reply, try to supply as many relevant informationas
possible and needed, e. g., - what is the exact IP (i.e., IPv4 *and* IPv6) config of your interface(s), - what *exact* packets do you see in wireshark? protocol names,ports,
addresses (again IPv4 *and/or* IPv6?), packet types, etc., or eventhe
actual trace, - possibly even your network config, routing tables, anythingmodified
with sysctl, and so on. In your initial mail, you wrote a set of ip(6)tables commands. I noticed, that only 1 out of the 5 pairs is for ip6tables - have you,e.
g., tried also blocking IPv6 multicast traffic? This seems at leastto
be missing from your provided commands. # Martin On 05/04/2017 07:43 PM, Leonel Gaspar Soares wrote: > All other tráfic Gets bloked except these Packets > Stephan Rottmann <rottmann@ibr.cs.tu-bs.de <mailto:rottmann@ibr.cs.tu-bs.de>
> <mailto:rottmann@ibr.cs.tu-bs.de <mailto:rottmann@ibr.cs.tu-bs.de>>> escreveu em qui, 4/05/2017 às 18:32 : > > […] -- ,---- [ contact info ] | Martin Wegner, M.Sc. | IBR, research group Connected and Mobile Systems | Technische Universität Braunschweig | office: | Mühlenpfordtstraße 23, room 131 | 38106 Braunschweig, Germany | phone: +49 531 391 3246 <tel:%2B49%20531%20391%203246> | mail: wegner@ibr.cs.tu-bs.de <mailto:wegner@ibr.cs.tu-bs.de> | GnuPG key: 0x04210FF947C76DD7 `------ ,---- [ contact info ] | Martin Wegner, M.Sc. | IBR, research group Connected and Mobile Systems | Technische Universität Braunschweig | office: | Mühlenpfordtstraße 23, room 131 | 38106 Braunschweig, Germany | phone: +49 531 391 3246 | mail: wegner@ibr.cs.tu-bs.de | GnuPG key: 0x04210FF947C76DD7 `----