TOPIC: Difference btn protocol "tcp" and "all"

Difference btn protocol "tcp" and "all" 10 years 7 months ago #14210

  • Nimmy
Dear Friends,

While writing firewall rules in iptables we can use the protocol values

tcp
udp
icmp
all

Can anyone explain to me

(1). If we Allow one firewall forward rule for the "tcp" protocol, for example

iptables -A FORWARD -i eth0 -o ppp0 -m state --state NEW -j ACCEPT -p tcp -d 0/0 --dport 80 -s 0/0 --sport 1:65535

and then the second rule for the "ip" protocol

iptables -A FORWARD -i eth0 -o ppp0 -m state --state NEW -j DROP -p all -d 0/0 -s 0/0

If we execute these two rules, I am able to browse.

I want to know what is the difference between these "tcp" and "all" and others.

How "all" Differ from other protocol "tcp", "Udp" and Icmp.

Thank You.

With Regards,
Nimmy
Nirmal Babu
Chennai

Protocols 10 years 7 months ago #14212

  • TheBishop
'all' allows you to create a rule that applies to any protocol, for example one that just restricts by IP address. If you want to be more granular then you can actually define the protocol that a rule will apply to, for example 'tcp'.

Re: Difference btn protocol "tcp" and "all" 10 years 7 months ago #14215

  • d_jabsd
In addition to TheBishop's reply, 'all' includes protocols that may not be covered by 'ip' like 'esp', 'ah', 'gre', etc.

Re: Difference btn protocol "tcp" and "all" 10 years 7 months ago #14217

  • Nimmy
Hi,

Thank you very much.

Let me explain my problem,

First I have created one forward rule which allows the tcp traffic to the external network on port 80

iptables -A FORWARD -i eth0 -o ppp0 -m state --state NEW -j ACCEPT -p tcp -d 0/0 --dport 80 -s 0/0 --sport 1:65535

Next I have executed one forward rule which blocks the ip traffic to the external network on port 80

iptables -A FORWARD -i eth0 -o ppp0 -m state --state NEW -j DROP -p all -d 0/0 -s 0/0

The source IP and destination IP ranges of the above two rules are the same; only the action is different.

Here "all" protocol means for all protocol which includes 'tcp', 'ucp','icmp' and etc.

In this situation, is the traffic to the external network allowed or blocked after the two firewall rules are executed?

Sorry if I am wrong.

Thanks and Regards,
Nimmy
Nirmal Babu
Chennai

Re: Difference btn protocol "tcp" and "all" 10 years 7 months ago #14219

  • DaLight
Iptables processes the rules in turn and when a match is attained, it performs the specified instruction. Thus the second rule you've written
iptables -A FORWARD -i eth0 -o ppp0 -m state --state NEW -j DROP -p all -d 0/0 -s 0/0
will only be reached for all non-tcp traffic or for tcp traffic heading for ports other than 80.

Some additional comments on your rule syntax:

You do not need to specify "-s 0/0" or "-d 0/0" as these are implied by default. i.e. only specify them when you want to restrict to a particular IP range.
Likewise, "--sport 1:65535" is also redundant unless you want to restrict to a particular port number.
And come to think of it, "-p all" is also redundant as this is assumed unless of course you wish to specify a particular protocol. Of course, if you want to leave these options in to improve the readability of the rules, it's your choice.

Finally, to answer your initial query, you should be able to browse (on port 80) at least with the rules you specified.
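To make DaLight's first-match point concrete, here is an added example (not code from the thread or from iptables itself): a small Python simulator of the FORWARD chain with Nimmy's two rules, evaluated over constructed sample packets. It also runs the rules in the reverse order, to show that the DROP rule swallows everything when it comes first. Rule and packet field names are the author's own simplification, not the iptables API.

```python
# Added example: first-match simulation of Nimmy's two FORWARD rules.
# "-p all" matches every protocol; "-p tcp --dport 80" matches only TCP to port 80.
from dataclasses import dataclass
from typing import Optional, List


@dataclass
class Rule:
    target: str                  # ACCEPT or DROP (-j)
    proto: str = "all"           # -p; "all" matches any protocol
    dport: Optional[int] = None  # --dport; only meaningful for tcp/udp
    state: str = "NEW"           # -m state --state NEW

    def matches(self, pkt: dict) -> bool:
        if self.state != pkt["state"]:
            return False
        if self.proto != "all" and self.proto != pkt["proto"]:
            return False
        if self.dport is not None and pkt.get("dport") != self.dport:
            return False
        return True


def verdict(chain: List[Rule], pkt: dict, policy: str = "ACCEPT") -> str:
    """Walk the chain in order; the first matching rule decides, else the chain policy."""
    for rule in chain:
        if rule.matches(pkt):
            return rule.target
    return policy


# Nimmy's rules in the order they were appended with -A FORWARD.
NIMMY_CHAIN = [
    Rule("ACCEPT", proto="tcp", dport=80),  # ... -j ACCEPT -p tcp --dport 80
    Rule("DROP", proto="all"),              # ... -j DROP -p all
]

# Constructed sample packets (all in state NEW, as the rules only match NEW).
PACKETS = {
    "web":   {"proto": "tcp",  "dport": 80,  "state": "NEW"},
    "https": {"proto": "tcp",  "dport": 443, "state": "NEW"},
    "dns":   {"proto": "udp",  "dport": 53,  "state": "NEW"},
    "ping":  {"proto": "icmp", "state": "NEW"},
    "gre":   {"proto": "gre",  "state": "NEW"},
}


def evaluate(chain: List[Rule]) -> dict:
    return {name: verdict(chain, pkt) for name, pkt in PACKETS.items()}


if __name__ == "__main__":
    print("as written:", evaluate(NIMMY_CHAIN))
    print("swapped:   ", evaluate(list(reversed(NIMMY_CHAIN))))
```

With the rules as written only the port-80 TCP packet is accepted and everything else hits the "-p all" DROP; with the order reversed the DROP rule matches first and nothing gets through.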

Re: Difference btn protocol "tcp" and "all" 10 years 7 months ago #14221

  • Nimmy
Hi DaLight,

Thanks a lot for your explanation. I am now clear about how these firewall rules are executed.

Thank you very much. :)

Cheers,
Nimmy
Nirmal Babu
Chennai