Clay Wells on 29 Nov 2016 06:46:42 -0800 |
Re: [PLUG] IPTABLES CentOS 6.8 |
Hi Ed,

Aside from fixing any issues you are currently having, I recommend spending more time learning how iptables works. Here are a few good resources. Keep in mind, order matters. Once a rule is matched in a chain, no other rules in that chain will be processed.

https://fedoraproject.org/wiki/How_to_edit_iptables_rules
https://help.ubuntu.com/community/IptablesHowTo
http://serverfault.com/questions/480085/iptables-rule-order

I also recommend testing each chain as you update it. Becoming familiar with nping (included with nmap) and hping3 (no longer actively supported) will be most helpful. Understanding how these tools work and using them on a regular basis will deepen your knowledge and be a great asset when troubleshooting firewall issues.

https://github.com/antirez/hping
https://nmap.org/nping/

If you enjoy programming and love a challenge, create your own tool using Python and Scapy. It's likely other languages include a Scapy library.

Cheers,
Clay

On 11/28/2016 11:00 PM, Ed Ackerman wrote:
> Let's try this again...
>
> As requested here is the information
>
> On Mon, 28 Nov 2016, bergman@merctech.com wrote:
>
>> In the message dated: Sun, 27 Nov 2016 21:01:30 -0500,
>> The pithy ruminations from Ed Ackerman on
>> <[PLUG] IPTABLES CentOS 6.8> were:
>> =>
>>
>> [SNIP!]
>>
>>
>> Really, the error message lacks the trailing "e" in the word "name"?
>> Very odd.
>>
>> That seems as if you have no "INPUT" target. That's unusual. What do
>> the following commands show:
>>
>>     systemctl status iptables.service
>>
>>     iptables -L -n --line-numbers | sed -e "s/\([0-9]\{1,3\}\.\)\{3\}[0-9]\{1,3\}/444.333.222.111/g"
>>
>> (note that the obfuscation of all IP addresses is great at preserving
>> privacy but makes more specific troubleshooting, um, difficult).
>>
>>
>> Similarly, the INPUT chain defaults to "ACCEPT". Since that's a built-in
>> chain, it should always exist.
>>
>> Ideas?
>>
>> Well, my first idea is that it's extremely difficult to provide
>> meaningful troubleshooting with so little information.
>>
>> It would be helpful if you attached the complete
>> /etc/sysconfig/iptables file.
>>
>> Note "attached", rather than "cut & pasted". I've seen too many
>> instances
>> where incorrect End of Line characters (think Windows text editor)
>> cause *nix scripts (or text-based input files) to fail in strange ways.
>>
>
> ---
> #include <std.disclaimer>;    | select * from users
> Ed Ackerman                   | where users.clue = 1;
> edack@kengel.com              | 0 rows returned
>
>
> ___________________________________________________________________________
> Philadelphia Linux Users Group -- http://www.phillylinux.org
> Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce
> General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
>

--
Clay Wells
Information Security Engineer
School of Arts & Sciences
University of Pennsylvania

GnuPG Information
Key ID = 3C13D220
Key fingerprint = 9E93 7AE2 FFA9 2ACC 6709 C519 44AA EAC2 3C13 D220
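
Added example (not part of the message above or of anyone's code in this thread): a small evaluator that illustrates the rule-order point on a constructed ruleset written in a simplified `iptables -S` syntax. The rules, the packet fields and all function names are assumptions made for illustration; it models only `-p`, `--dport` and the ACCEPT/DROP/REJECT/LOG targets, and treats LOG as non-terminating, as iptables does.

```python
import shlex

# Targets that end traversal of the chain; LOG does not (assumed subset).
TERMINATING = {"ACCEPT", "DROP", "REJECT"}

def parse_rule(line):
    """Parse a simplified `iptables -S` line whose options each take one value."""
    tok = shlex.split(line)
    opts = dict(zip(tok[0::2], tok[1::2]))
    return {"chain": opts["-A"], "proto": opts.get("-p"),
            "dport": int(opts["--dport"]) if "--dport" in opts else None,
            "target": opts["-j"]}

def matches(rule, pkt):
    """A criterion the rule does not specify (None) matches any packet."""
    return (rule["proto"] in (None, pkt["proto"])
            and rule["dport"] in (None, pkt.get("dport")))

def evaluate(rules, pkt, chain="INPUT", policy="ACCEPT"):
    """Return (verdict, deciding rule number, numbers of LOG rules hit)."""
    logged = []
    in_chain = [r for r in rules if r["chain"] == chain]
    for num, rule in enumerate(in_chain, 1):
        if not matches(rule, pkt):
            continue
        if rule["target"] in TERMINATING:
            return rule["target"], num, logged   # first terminating match wins
        logged.append(num)                       # non-terminating: keep going
    return policy, None, logged                  # fell through to chain policy

def shadowed(rules, pkt, chain="INPUT"):
    """Rule numbers that match pkt but come after the rule that decided it."""
    _, hit, _ = evaluate(rules, pkt, chain)
    in_chain = [r for r in rules if r["chain"] == chain]
    return [n for n, r in enumerate(in_chain, 1)
            if hit is not None and n > hit and matches(r, pkt)]

# Constructed ruleset: the port-80 ACCEPT was appended after the catch-all REJECT.
BROKEN = [parse_rule(l) for l in """\
-A INPUT -p icmp -j ACCEPT
-A INPUT -p tcp --dport 22 -j ACCEPT
-A INPUT -p tcp --dport 80 -j LOG --log-prefix web
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp --dport 80 -j ACCEPT""".splitlines()]
# Same rules with the ACCEPT moved ahead of the REJECT.
FIXED = BROKEN[:3] + [BROKEN[4], BROKEN[3]]
WEB = {"proto": "tcp", "dport": 80}  # constructed test packet

if __name__ == "__main__":
    print("broken:", evaluate(BROKEN, WEB), "shadowed:", shadowed(BROKEN, WEB))
    print("fixed: ", evaluate(FIXED, WEB))
```

The rule numbers it reports count within the chain, the same way `iptables -L -n --line-numbers` numbers them.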