On my lan with static ip i use this iptables rule for anti lanspoof:
iptables -A INPUT -i wlan0 -s 192.168.1.0/24 -j LANSPOOF
When connected to a hotspot with dhcp, and want to set the same anti lanspoof, my local ip changes for example: 162.19.63.81 to 162.19.27.82
the first two numbers stay the same 162.19 then the last two numbers change.
iptables -A INPUT -i wlan0 -s 162.19.(because this number changes, what do i put here?).0/24 -j LANSPOOF
i did try to set for 0.0.0.0/24 and 0.0.0.0 but then the anti spoof did not work.
so what ip do have to use: 162.19.?.0/24
Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
iptables lanspoof dhcp
-
- Global Moderator
- Posts: 3049
- Joined: 2017-09-17 07:12
- Has thanked: 5 times
- Been thanked: 132 times
Re: iptables lanspoof dhcp
What is the purpose of this "anti lanspoof" rule ?dreclauw wrote:On my lan with static ip i use this iptables rule for anti lanspoof:
iptables -A INPUT -i wlan0 -s 192.168.1.0/24 -j LANSPOOF
What is the contents of the LANSPOOF chain ?
162.19.63.81 is bigger then 162.19.27.82.dreclauw wrote:When connected to a hotspot with dhcp, and want to set the same anti lanspoof, my local ip changes for example: 162.19.63.81 to 162.19.27.82
Re: iptables lanspoof dhcp
Hello p.H,p.H wrote:What is the purpose of this "anti lanspoof" rule ?dreclauw wrote:On my lan with static ip i use this iptables rule for anti lanspoof:
iptables -A INPUT -i wlan0 -s 192.168.1.0/24 -j LANSPOOF
What is the contents of the LANSPOOF chain ?
162.19.63.81 is bigger then 162.19.27.82.dreclauw wrote:When connected to a hotspot with dhcp, and want to set the same anti lanspoof, my local ip changes for example: 162.19.63.81 to 162.19.27.82
The purpose of the lanspoof rule is to drop all connections on the set ip range.
The contents of the LANSPOOF chain is set to: DROP
the ip i posted was just a made up ip, what i try to point out is that the last two 162.19.X.X change, where before on my lan only the last 192.168.1.X changes.
-
- Global Moderator
- Posts: 3049
- Joined: 2017-09-17 07:12
- Has thanked: 5 times
- Been thanked: 132 times
Re: iptables lanspoof dhcp
How is this related with spoof ?dreclauw wrote:The purpose of the lanspoof rule is to drop all connections on the set ip range.
Change the prefix length from /24 to /16.dreclauw wrote:last two 162.19.X.X change, where before on my lan only the last 192.168.1.X changes.