Well, the first thing I’ll do is update apt’s package lists and install iptables, using the following two commands:
apt-get update
apt-get install iptables
Now, the quick and dirty solution is to just append a rule that blocks all outgoing UDP packets from my server. You can do this based on the system’s IP address. Assuming my server’s IP address is 192.168.0.1, I would use the following rule:
iptables -A OUTPUT -s 192.168.0.1 -p udp -j DROP
Essentially, this rule says: match any outbound UDP packet whose source address (-s) is 192.168.0.1, and jump (-j) to the DROP target, which discards the packet. Now, just to be safe, I’ll add the same rule for my loopback address, as follows:
iptables -A OUTPUT -s 127.0.0.1 -p udp -j DROP
Now, let’s just hope that keeps me covered until I can find a little more advanced solution that will also write to a log when a packet gets dropped...
Resources:
- netfilter’s documentation
- linuxquestions.org forums
- The manpage! (man iptables)
1 comment:
# You can also create a single rule:
iptables -A OUTPUT -p udp -j DROP