| ARRIS Enterprises, Inc. Confidential Information | ||||||||||||||||||||||||||||||||||||
kreatv-tool-iptables_bcm15_vip43x2This package installs iptables with a number of modules. The iptables rules are provided by a rules file. The rules file contains a list of iptables commands. The default rules file has two rules listed: /sbin/iptables -A INPUT -p icmp -j DROP The first is for rejecting all the input ICMP packets (reject ping) in order to protect stb from the 'Ping of Death', ICMP storm. The second is for disabling of unnecessary service ports. Priority on outgoing traffic can be set by using the DSCP target module of iptables to set the DSCP field of the IP packet. The following is an example of setting such a rule on http requests (port 80) with dscp class EF (i.e. expedited forwarding). /sbin/iptables -t mangle -A OUTPUT -p tcp --dport 80 -j DSCP --set-dscp-class EF Note:The following will flush your firewall rules, forbid all network traffic. Parameters
Details
|
