Re: iptables question




On 6/16/2014 2:58 PM, Chuck Campbell wrote:
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> fail2ban-VSFTPD  tcp  --  anywhere             anywhere            tcp dpt:ftp
> fail2ban-SSH  tcp  --  anywhere             anywhere            tcp dpt:ssh
> RH-Firewall-1-INPUT  all  --  anywhere             anywhere
> DROP       all  --  116.10.191.0/24      anywhere
> DROP       all  --  183.136.220.0/24     anywhere
> DROP       all  --  183.136.221.0/24     anywhere
> DROP       all  --  183.136.222.0/24     anywhere
> DROP       all  --  183.136.223.0/24     anywhere
> DROP       all  --  122.224.11.0/24      anywhere
> DROP       all  --  219.138.0.0/16       anywhere
>
> ...
>
> Chain RH-Firewall-1-INPUT (2 references)
> target     prot opt source               destination
> ACCEPT     all  --  anywhere             anywhere
> ACCEPT     icmp --  anywhere             anywhere            icmp any
> ACCEPT     esp  --  anywhere             anywhere
> .
> .
> .
>
> Yet in my logwatch emails, I see this, long after the iptables rules are in
> place to drop some ip ranges:

RH-Firewall-1-INPUT is being invoked prior to your DROP rules, and is 
ACCEPTing all packets.



-- 
john r pierce                                      37N 122W
somewhere on the middle of the left coast

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
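
The ordering problem described in the reply above, as an added example that is not part of the original message: Python code that parses `iptables -L` output and reports which INPUT rules sit behind a catch-all verdict. The function names and the trimmed sample listing are constructed here; rows are taken at face value, and `iptables -L` without `-v` does not print interface matches, so a row shown as all/anywhere/anywhere may be narrower in the real rule set.

```python
import re

# Constructed sample: rows taken from the listing quoted in the message, trimmed.
LISTING = """\
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
fail2ban-SSH  tcp  --  anywhere             anywhere            tcp dpt:ssh
RH-Firewall-1-INPUT  all  --  anywhere             anywhere
DROP       all  --  116.10.191.0/24      anywhere
DROP       all  --  219.138.0.0/16       anywhere

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp any
"""
TERMINAL = {"ACCEPT", "DROP", "REJECT"}

def parse(listing):
    """Return {chain: [(target, prot, source, destination, extra), ...]}."""
    chains, current = {}, None
    for line in listing.splitlines():
        m = re.match(r"Chain (\S+) \(", line)
        if m:
            current = chains.setdefault(m.group(1), [])
        elif line.strip() and not line.startswith("target") and current is not None:
            f = line.split(None, 5)
            current.append((f[0], f[1], f[3], f[4], f[5] if len(f) > 5 else ""))
    return chains

def catch_all(rule):
    # As printed: any protocol, any source, any destination, no extra match text.
    return rule[1] == "all" and rule[2] == rule[3] == "anywhere" and not rule[4]

def ends_traversal(rule, chains):
    """True when no packet can get past this rule to the rules after it."""
    if not catch_all(rule):
        return False
    if rule[0] in TERMINAL:
        return True
    for r in chains.get(rule[0], []):   # catch-all jump: look inside the target chain
        if r[0] == "RETURN":            # some packets may come back to the caller
            return False
        if catch_all(r) and r[0] in TERMINAL:
            return True
    return False

def shadowed(chains, chain="INPUT"):
    """List (target, source) of rules in `chain` that are never reached."""
    rules = chains[chain]
    for i, rule in enumerate(rules):
        if ends_traversal(rule, chains):
            return [(r[0], r[2]) for r in rules[i + 1:]]
    return []
```

Against a live system, feed it `iptables -L -n -v` style data only after adapting the column split, since `-v` adds counters and interface columns.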



