Robert Spangler on 31 Jan 2011 11:26:49 -0800 |
Re: [PLUG] iptables question |
On Monday 31 January 2011 11:57, Mike Sheinberg wrote:
> Here's my current dump of /etc/sysconfig/iptables:
>
> # Generated by iptables-save v1.3.5 on Mon Jan 31 10:36:35 2011
> *filter
> :INPUT DROP [33:5345]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [129:15384]
> :fail2ban-ApacheAuth - [0:0]
> :fail2ban-ApachePHPbot - [0:0]
> :fail2ban-BadBots - [0:0]
> :fail2ban-SSH - [0:0]
> -A INPUT -s *XXXXXXXXXXXXX* -j ACCEPT
> -A INPUT -s *XXXXXXXXXXX*/255.255.255.224 -j ACCEPT
> -A INPUT -p tcp -m tcp --dport 80 -j fail2ban-ApacheAuth
> -A INPUT -p tcp -m multiport --dports 80,443 -j fail2ban-BadBots
> -A INPUT -p tcp -m tcp --dport 80 -j fail2ban-ApachePHPbot
> -A INPUT -p tcp -m tcp --dport 22 -j fail2ban-SSH
> -A INPUT -p tcp -m state --state NEW -m multiport --dports 80,443 -j ACCEPT
> -A INPUT -i lo -j ACCEPT
> -A OUTPUT -d *XXXXXXXX*/255.255.255.224 -j ACCEPT
> -A fail2ban-ApacheAuth -j RETURN
> -A fail2ban-ApachePHPbot -j RETURN
> -A fail2ban-BadBots -j RETURN
> -A fail2ban-SSH -s *XXXXXXXXXX* -j DROP
> -A fail2ban-SSH -j RETURN
> COMMIT
> # Completed on Mon Jan 31 10:36:35 2011

Is this the complete file?  Why are you using '-j fail2ban-*' rules? They are doing nothing.

Another thing I would suggest is using a STATEFUL firewall with NEW, ESTABLISHED and RELATED rules.  Makes for a better firewall.

-- 
Regards
Robert

Linux
The adventure of a lifetime.

Linux User #296285
Get Counted  http://counter.li.org/
___________________________________________________________________________
Philadelphia Linux Users Group         --        http://www.phillylinux.org
Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
General Discussion  --   http://lists.phillylinux.org/mailman/listinfo/plug
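The two points raised in the reply above (user chains that only RETURN, and a DROP policy on INPUT with no ESTABLISHED,RELATED accept) can be checked mechanically against an iptables-save dump. The following is an added example written for this page, not code from either poster or from fail2ban: it parses a constructed dump modelled on the one quoted in the thread (the addresses are RFC 5737 documentation addresses standing in for the masked ones), reports both problems, and emits the same ruleset with the stateful rules inserted at the top of INPUT. The function and variable names are the example's own.

```python
"""Lint an iptables-save dump for two problems discussed in the thread:
jumps into user chains that contain no terminating rule, and an INPUT
policy of DROP with no ESTABLISHED,RELATED accept rule."""
import shlex

# Constructed sample modelled on the dump quoted in the thread; the
# addresses are documentation placeholders, not real hosts.
SAMPLE = """\
*filter
:INPUT DROP [33:5345]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [129:15384]
:fail2ban-ApacheAuth - [0:0]
:fail2ban-SSH - [0:0]
-A INPUT -s 192.0.2.10 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j fail2ban-ApacheAuth
-A INPUT -p tcp -m tcp --dport 22 -j fail2ban-SSH
-A INPUT -p tcp -m state --state NEW -m multiport --dports 80,443 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A fail2ban-ApacheAuth -j RETURN
-A fail2ban-SSH -s 198.51.100.7 -j DROP
-A fail2ban-SSH -j RETURN
COMMIT
"""

BUILTIN = {"INPUT", "FORWARD", "OUTPUT"}


def parse(dump):
    """Return (policies, rules) for the filter table of an iptables-save dump.
    policies maps chain -> policy ('-' for user chains); rules is a list of
    (chain, tokens) in file order, tokens being the words after '-A CHAIN'."""
    policies, rules = {}, []
    for line in dump.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "*")) or line == "COMMIT":
            continue
        if line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            policies[chain] = policy
        elif line.startswith("-A "):
            toks = shlex.split(line)
            rules.append((toks[1], toks[2:]))
    return policies, rules


def target(tokens):
    """The -j target of a rule, or None if it has none."""
    return tokens[tokens.index("-j") + 1] if "-j" in tokens else None


def noop_jumps(policies, rules):
    """User chains whose rules are all RETURN (or that have no rules): a jump
    into such a chain does nothing until something adds rules to it."""
    out = []
    for chain in policies:
        if chain in BUILTIN:
            continue
        body = [t for c, t in rules if c == chain]
        if all(target(t) == "RETURN" for t in body):
            out.append(chain)
    return out


def has_state_accept(rules, chain="INPUT"):
    """True if chain ACCEPTs ESTABLISHED,RELATED via -m state or -m conntrack."""
    for c, t in rules:
        if c != chain or target(t) != "ACCEPT":
            continue
        for flag in ("--state", "--ctstate"):
            if flag in t:
                states = set(t[t.index(flag) + 1].split(","))
                if {"ESTABLISHED", "RELATED"} <= states:
                    return True
    return False


def findings(dump):
    """Human-readable list of the problems found in the dump."""
    policies, rules = parse(dump)
    found = []
    for chain in noop_jumps(policies, rules):
        found.append(f"chain {chain} only RETURNs; jumps to it do nothing")
    if policies.get("INPUT") == "DROP" and not has_state_accept(rules):
        found.append("INPUT policy DROP without ESTABLISHED,RELATED accept: "
                     "replies to connections this host opens are dropped")
    return found


def stateful_ruleset(dump):
    """Return the dump with an INVALID drop and an ESTABLISHED,RELATED accept
    inserted ahead of the first rule, so they are evaluated before the
    per-port NEW rules; everything else is kept in its original order."""
    out, inserted = [], False
    for line in dump.splitlines():
        if line.startswith("-A ") and not inserted:
            out.append("-A INPUT -m state --state INVALID -j DROP")
            out.append("-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT")
            inserted = True
        out.append(line)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    for msg in findings(SAMPLE):
        print("WARN:", msg)
    print(stateful_ruleset(SAMPLE))
```

Run against the sample, the linter flags fail2ban-ApacheAuth (RETURN only) but not fail2ban-SSH, which already holds a DROP, and it flags the missing ESTABLISHED,RELATED rule: with OUTPUT at ACCEPT and INPUT at DROP, any connection the server itself opens (DNS, package updates) gets its replies dropped unless the peer is in one of the whitelisted networks, which is the practical reason for the stateful rules the reply recommends. One caveat on the first finding: fail2ban inserts its DROP rules into those chains at runtime when it bans an address, so an empty fail2ban-* chain in a saved dump reflects the moment the dump was taken rather than a permanently dead chain; the jump rules are how fail2ban's bans take effect.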