Thanks for the help! Since my iptables are intended to reject everything in adhoc interface (iptables -A INPUT -i adhoc -j REJECT and iptables -A OUTPUT -o adhoc -j REJECT), the problem that you pointed must be whats happening. Thanks for help :)

On Thu, May 4, 2017 at 7:34 PM, Martin Wegner <wegner@ibr.cs.tu-bs.de> wrote:
Thanks for the details, that rules some of the possibilities out.

Ok, so a quick google search ("wireshark and iptables") revealed that
due to libpcap, wireshark is able to see network packets directly from
the NIC before they are handled by the OS [0].

This means, that you will see packets in wireshark which are to be
dropped via iptables, however, they should not arrive in the application.

[0]
https://unix.stackexchange.com/questions/248090/how-can-wireshark-see-packets-dropped-by-iptables

Hope that helps,

Martin

On 05/04/2017 08:29 PM, Leonel Gaspar Soares wrote:
> The two nodes involved have adresses 10.0.0.1 and 10.0.0.3. When I aply
> in 10.0.0.1 the rule
>
> iptables -P INPUT DROP
> iptables -P OUTPUT DROP
> iptables -P FORWARD DROP
>
> I expect to reject all traffic in this node, am I right? Whith these
> rules, in node 10.0.0.1, in the interface adhoc (wifi) after these rules
> been applied, the packets I see with tcpdump -i adhoc are:
>
> IP 10.0.0.3.4551 > 224.0.0.142.4551: UDP
>
> Should'nt these packets been rejected/blocked in node 10.0.0.1? IBR-DTN
> is not running in 10.0.0.1, but running in 10.0.0.3.
>
> On Thu, May 4, 2017 at 7:17 PM, Martin Wegner <wegner@ibr.cs.tu-bs.de
> <mailto:wegner@ibr.cs.tu-bs.de>> wrote:
>
>     Hey,
>
>     I think without (a lot of) further details nobody here might be able to
>     help you. When you reply, try to supply as many relevant information as
>     possible and needed, e. g.,
>     - what is the exact IP (i.e., IPv4 *and* IPv6) config of your
>     interface(s),
>     - what *exact* packets do you see in wireshark? protocol names, ports,
>     addresses (again IPv4 *and/or* IPv6?), packet types, etc., or even the
>     actual trace,
>     - possibly even your network config, routing tables, anything modified
>     with sysctl, and so on.
>
>     In your initial mail, you wrote a set of ip(6)tables commands. I
>     noticed, that only 1 out of the 5 pairs is for ip6tables - have you, e.
>     g., tried also blocking IPv6 multicast traffic? This seems at least to
>     be missing from your provided commands.
>
>     # Martin
>
>     On 05/04/2017 07:43 PM, Leonel Gaspar Soares wrote:
>     > All other tráfic Gets bloked except these Packets
>     > Stephan Rottmann <rottmann@ibr.cs.tu-bs.de <mailto:rottmann@ibr.cs.tu-bs.de>
>     > <mailto:rottmann@ibr.cs.tu-bs.de
>     <mailto:rottmann@ibr.cs.tu-bs.de>>> escreveu em qui, 4/05/2017 às
>     18:32 :
>     >
>     > […]
>
>     --
>     ,---- [ contact info ]
>     | Martin Wegner, M.Sc.
>     | IBR, research group Connected and Mobile Systems
>     | Technische Universität Braunschweig
>     | office:
>     |   Mühlenpfordtstraße 23, room 131
>     |   38106 Braunschweig, Germany
>     | phone: +49 531 391 3246 <tel:%2B49%20531%20391%203246>
>     | mail: wegner@ibr.cs.tu-bs.de <mailto:wegner@ibr.cs.tu-bs.de>
>     | GnuPG key: 0x04210FF947C76DD7
>     `----
>
>

--
,---- [ contact info ]
| Martin Wegner, M.Sc.
| IBR, research group Connected and Mobile Systems
| Technische Universität Braunschweig
| office:
|   Mühlenpfordtstraße 23, room 131
|   38106 Braunschweig, Germany
| phone: +49 531 391 3246
| mail: wegner@ibr.cs.tu-bs.de
| GnuPG key: 0x04210FF947C76DD7
`----