[olug] AntiSpoof script Quest.

Joe Catanzaro joecatanzaro at cox.net
Wed Feb 22 02:13:42 UTC 2006 

Since the IP may be different from time to time you'll need to grab 
it from the system somehow. Here's what I did on my Fedora 3 box, but 
I'm hoping someone has a simpler solution.

[root at kermit ~]# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 00:20:ED:5C:13:C1
           inet addr:192.168.1.147  Bcast:255.255.255.255  Mask:255.255.255.0
           inet6 addr: fe80::220:edff:fe5c:13c1/64 Scope:Link
           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
           RX packets:19217 errors:0 dropped:0 overruns:0 frame:0
           TX packets:12895 errors:0 dropped:0 overruns:0 carrier:0
           collisions:1143 txqueuelen:1000
           RX bytes:3106658 (2.9 MiB)  TX bytes:3685570 (3.5 MiB)
           Interrupt:11 Base address:0xe400

[root at kermit ~]# ifconfig eth0 | grep "inet addr" | cut -c21-35
192.168.1.147
[root at kermit ~]# SERVER_IP=`ifconfig eth0 | grep "inet addr" | cut -c21-35`
[root at kermit ~]# echo $SERVER_IP
192.168.1.147
[root at kermit ~]#


Hint: The only "gotcha" with this is the last two numbers. Since an 
IP address can change in size, those numbers have a little room to be 
forgiving, but not tons.


At 2/21/2006 11:24 PM Tuesday, Charles Bird wrote:

>I saw this script on net for anti spoofing with local addresses.
>###########################################
>#!/bin/sh
>SERVER_IP="202.54.10.20"
># Add your IP range/IPs here,
>SPOOF_IPS="0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12 
>192.168.0.0/16 224.0.0.0/3"
>iptables -A INPUT -s $SERVER_IP -j DROP
>for ip in $SPOOF_IPS
>do
>iptables -A INPUT -s -j DROP
>done
>###########################################
>
>OK, where it says <SERVER_IP="xxx.xx.xx.xx">
>I am concerned because this is on cox home(dhcp) connection. How do 
>I define dhcp?
>Thanks in advance
>
>--
>_______________________________________________
>Surf the Web in a faster, safer and easier way:
>Download Opera 8 at http://www.opera.com
>
>Powered by Outblaze
>_______________________________________________
>OLUG mailing list
>OLUG at olug.org
>http://lists.olug.org/mailman/listinfo/olug


Joe Catanzaro
joecatanzaro at cox.net

More information about the OLUG mailing list