Will tcpdump see packets that are being dropped by iptables?

firewall iptables tcp tcpdump
30,673

tcpdump uses libpcap and libpcap processes packets before they get processed by the firewall, so the answer is "yes".

Share:
30,673

Related videos on Youtube

maths
Author by

maths

Programmer from Paraguay, South America. Love C/C++/C#, Scheme and Java.

Updated on September 17, 2022

Comments

  • maths
    maths almost 2 years

    I have a firewall with these simple rules:

    iptables -A INPUT -p tcp -s 127.0.0.1/32 --dport 6000 -j ACCEPT
iptables -A INPUT -p tcp -s 192.168.16.20/32 --dport 6000 -j ACCEPT
iptables -A INPUT -p tcp --dport 6000 -j REJECT

    Now, suppose I am using TCPDUMP like this:

    tcpdump port 6000

    And I have host 192.168.16.21 trying to connect to port 6000.

    Will/should tcpdump output some packets coming from 192.168.16.21?

  • rmmoul
    rmmoul about 7 years
    This is only partially true. tcpdump will see inbound traffic before iptables, but will see outbound traffic only after the firewall has processed it. See superuser.com/q/925286/18898
  • 23r23f23q
    23r23f23q over 2 years
    so is there away to drop incoming packets from a specific IP so that even tcpdump won't even see them?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How to globally limit total number of TCP connections with iptables?
Dropped ACK FIN, ACK RST, RST packets on webserver with iptables
tcp flags in iptables: What's the difference between RST SYN and RST and SYN RST ? When to use ALL?
Reduce firewall rules by half - one iptables rule for tcp and udp
Is it better to set -j REJECT or -j DROP in iptables?
TCP Server sends [ACK] followed by [PSH,ACK]
add rule to firewalld in Centos7 to allow all traffic from a server
Apple Push Notifications and Port 2195
How to make all outgoing RST drop
Stripping payload from a tcpdump?