  1. #1
    Just Joined! | Join Date: May 2009 | Posts: 7

    Iptables not rejecting IP


    The two IPs I am rejecting are still getting through.
    What am I doing wrong?
    CentOS 5

    Code:
    Chain RH-Firewall-1-INPUT (2 references)
    target     prot opt source               destination         
    ACCEPT     all  --  anywhere             anywhere            
    REJECT     icmp --  anywhere             anywhere            icmp any reject-with icmp-port-unreachable 
    ACCEPT     esp  --  anywhere             anywhere            
    ACCEPT     ah   --  anywhere             anywhere            
    ACCEPT     udp  --  anywhere             224.0.0.251         udp dpt:mdns 
    DROP       udp  --  anywhere             anywhere            udp dpt:ipp 
    DROP       tcp  --  anywhere             anywhere            tcp dpt:ipp 
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:ftp 
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp state NEW 
    DROP       tcp  --  anywhere             anywhere            tcp dpt:ssh state NEW 
    ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3 state NEW 
    REJECT     tcp  --  92.240.68.152        anywhere            tcp spt:http dpt:http state NEW,RELATED,ESTABLISHED reject-with icmp-port-unreachable 
    REJECT     tcp  --  92.240.68.153        anywhere            tcp spt:http dpt:http state NEW,RELATED,ESTABLISHED reject-with icmp-port-unreachable 
    REJECT     tcp  --  194.8.75.107         anywhere            tcp spt:http dpt:http state NEW,RELATED,ESTABLISHED reject-with icmp-port-unreachable 
    ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED 
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:https 
    ACCEPT     tcp  --  anywhere             anywhere            state NEW tcp dpt:http

  2. #2
    Just Joined! | Join Date: May 2009 | Posts: 7

    Resolved

    Well, I must have looked at this table a zillion times,
    but not until I posted it here did it dawn on me that the
    ACCEPT all -- anywhere anywhere

    pretty much overrode everything.
    So I moved the IPs up past it and now they do what I expected.

  3. #3
    Just Joined! | Join Date: May 2009 | Posts: 7
    The IPs seem to be getting through.
    I am at a loss as to how they are getting through the firewall.
    I am on CentOS 5.
    Guess I will head to their forum.

  4. #4
    Lazydog (Linux Guru) | Join Date: Jun 2004 | Location: The Keystone State | Posts: 2,677
    First question is: how are you configuring your firewall?
    If it is a script, then post the script.
    If it's the default way, then post the /etc/sysconfig/iptables file.

    Both of these are easier to read/understand than the iptables -L output.

    As to the ACCEPT, it could be for a lot of things, which is the reason I don't like this output. Most likely it is for the LO interface and OUTPUT rules, but from this output you cannot tell this.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285

  5. #5
    Just Joined! | Join Date: May 2009 | Posts: 7
    Sorry I did not update here.
    The problem was I set the source port to 80, so they are coming in anywhere from 1024 to the max port.
    My solution was to remove the source port number so it blocks any port they used.

  6. #6
    Lazydog (Linux Guru) | Join Date: Jun 2004 | Location: The Keystone State | Posts: 2,677
    And that would be the way to completely block the IP address.

    Regards
    Robert


  7. #7
    Just Joined! | Join Date: May 2009 | Posts: 7
    Oh, forgot: I moved them to the top before any ports were processed.
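Editor's note: the two mistakes in this thread (post #2: the catch-all ACCEPT sitting above the REJECT rules; posts #5 and #7: the REJECT rules requiring a source port of 80, which a real client almost never uses) are both consequences of iptables' first-match evaluation. The following added example is not from the thread; it is a small Python model of one chain, abridged to the rules that matter and ignoring conntrack state and interface matching, that walks constructed sample packets through the chain as posted, the chain with the REJECTs moved up but --sport 80 kept, and the final fixed chain. The IP addresses are the ones from post #1; the client source port 51234 and the 10.0.0.5 address are made up for the demonstration.

```python
"""
Added example (not from the thread): a tiny first-match model of one
iptables chain, used to show why the posted REJECT rules never fired.

Assumptions: only protocol, source address, source port and destination
port are modelled; conntrack state and the input interface are ignored.
Rule order in each list is the order `iptables -L` prints them.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class Rule:
    target: str                 # ACCEPT / DROP / REJECT
    proto: str = "all"          # "all" matches every protocol
    src: str = "anywhere"       # single IPv4 address or "anywhere"
    spt: Optional[int] = None   # --sport; None means any source port
    dpt: Optional[int] = None   # --dport; None means any destination port


@dataclass
class Packet:
    proto: str
    src: str
    spt: int
    dpt: int


def matches(rule: Rule, pkt: Packet) -> bool:
    """All criteria on a rule must hold (iptables ANDs its matches)."""
    if rule.proto != "all" and rule.proto != pkt.proto:
        return False
    if rule.src != "anywhere" and rule.src != pkt.src:
        return False
    if rule.spt is not None and rule.spt != pkt.spt:
        return False
    if rule.dpt is not None and rule.dpt != pkt.dpt:
        return False
    return True


def evaluate(chain: List[Rule], pkt: Packet,
             policy: str = "ACCEPT") -> Tuple[str, Optional[int]]:
    """The first matching rule decides; later rules never see the packet.
    Returns (verdict, index of the deciding rule), or (policy, None)."""
    for index, rule in enumerate(chain):
        if matches(rule, pkt):
            return rule.target, index
    return policy, None


BAD_IPS = ["92.240.68.152", "92.240.68.153", "194.8.75.107"]

COMMON_TAIL = [
    Rule("DROP", "tcp", dpt=22),
    Rule("ACCEPT", "tcp", dpt=443),
    Rule("ACCEPT", "tcp", dpt=80),
]

# Chain as posted in #1 (abridged): catch-all ACCEPT first, REJECTs buried
# below it, and every REJECT also demanding --sport 80.
ORIGINAL_CHAIN = (
    [Rule("ACCEPT"), COMMON_TAIL[0]]
    + [Rule("REJECT", "tcp", src=ip, spt=80, dpt=80) for ip in BAD_IPS]
    + COMMON_TAIL[1:]
)

# After post #2: REJECTs moved to the top, but --sport 80 still present.
MOVED_WITH_SPORT = (
    [Rule("REJECT", "tcp", src=ip, spt=80, dpt=80) for ip in BAD_IPS]
    + [Rule("ACCEPT")] + COMMON_TAIL
)

# After posts #5 and #7: REJECTs first and keyed on the source address only.
FIXED_CHAIN = (
    [Rule("REJECT", src=ip) for ip in BAD_IPS]
    + [Rule("ACCEPT")] + COMMON_TAIL
)

# Constructed sample traffic. A real client picks an ephemeral source port;
# a source port of 80 on an inbound connection is the unusual case.
CLIENT_FROM_BAD_IP = Packet("tcp", "92.240.68.152", spt=51234, dpt=80)
ODD_SPORT_80 = Packet("tcp", "92.240.68.152", spt=80, dpt=80)
INNOCENT_CLIENT = Packet("tcp", "10.0.0.5", spt=51234, dpt=80)


if __name__ == "__main__":
    chains = [("original", ORIGINAL_CHAIN),
              ("moved, --sport kept", MOVED_WITH_SPORT),
              ("fixed", FIXED_CHAIN)]
    for name, chain in chains:
        for pkt in (CLIENT_FROM_BAD_IP, ODD_SPORT_80, INNOCENT_CLIENT):
            verdict, idx = evaluate(chain, pkt)
            print(f"{name:20} {pkt.src}:{pkt.spt} -> :{pkt.dpt}  "
                  f"{verdict} (rule {idx})")
```

Running it shows the three stages: in the posted chain every packet hits the catch-all ACCEPT at rule 0; with the REJECTs moved up but --sport 80 kept, only the contrived packet with source port 80 is rejected and the ordinary client still falls through to the ACCEPT; in the fixed chain the bad source is rejected at rule 0 whatever port it uses, while other clients pass. On the real box the equivalent of the fixed chain is `iptables -I RH-Firewall-1-INPUT 1 -s 92.240.68.152 -j REJECT` (or `-j DROP`) for each address, followed by `service iptables save` on CentOS 5 so it lands in /etc/sysconfig/iptables. To see which rule is actually matching, use `iptables -L RH-Firewall-1-INPUT -n -v --line-numbers`: the `-v` output shows per-rule packet counters and the in/out interface, so an `ACCEPT all` that is really `-i lo` (Lazydog's guess in #4) becomes visible instead of looking like a blanket allow.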
