Re: ipset not actually blocking




Appears the iptables update 1.4.7-14 which came with CentOS6 r6 is the most
likely culprit.

The solution for now is:
delete ',dst' from the iptables INPUT chain
delete 'src,' from the iptables OUTPUT chain.




On Mon, Dec 8, 2014 at 5:39 PM, Rob Townley <rob.townley@xxxxxxxxx> wrote:

> I created an ipset and added 8.8.8.8 to it and used the same iptables
> working all summer long but
> I can still ping 8.8.8.8 and do nslookup queries against it. ipset or
> iptables is broken.
> Anybody else rebooted since ipset-6.11-3.el6.i686 was installed and
> actually tested that IP addresses that are supposed to be blacklisted are
> actually blocked?
>
>
> Filed CentOS bug report 7977 <http://bugs.centos.org/view.php?id=7977>
> this morning. ipset was working great most of the year until ipset 6.11.-3
> CentOS bug 7977 <http://bugs.centos.org/view.php?id=7977>
>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
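
The workaround from the reply above, sketched as a filter over `iptables-save` output. This is an added example, not code from the thread: it assumes the original rules used `-m set --match-set <name> src,dst`, and the set name `blacklist` and the sample ruleset are constructed.

```shell
#!/usr/bin/env bash
# Apply the thread's workaround to rules in iptables-save format:
#   INPUT  chain: "src,dst" -> "src"   (delete ',dst')
#   OUTPUT chain: "src,dst" -> "dst"   (delete 'src,')
# Other chains are passed through unchanged, since the post only
# names INPUT and OUTPUT.

# Print the INPUT/OUTPUT rules that still carry both direction flags.
list_affected() {
    awk '$1 == "-A" && ($2 == "INPUT" || $2 == "OUTPUT") {
        for (i = 3; i <= NF - 2; i++)
            if ($i == "--match-set" && $(i + 2) == "src,dst") { print; next }
    }'
}

# Rewrite those rules; everything else is echoed as-is.
fix_set_directions() {
    awk '$1 == "-A" && ($2 == "INPUT" || $2 == "OUTPUT") {
        for (i = 3; i <= NF - 2; i++)
            if ($i == "--match-set" && $(i + 2) == "src,dst")
                $(i + 2) = ($2 == "INPUT") ? "src" : "dst"
    }
    { print }'
}

# Constructed sample ruleset (assumed rule form, hypothetical set name).
sample_rules() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m set --match-set blacklist src,dst -j DROP
-A FORWARD -m set --match-set blacklist src,dst -j DROP
-A OUTPUT -m set --match-set blacklist src,dst -j DROP
COMMIT
EOF
}

# Show which rules are affected, then the rewritten ruleset.
sample_rules | list_affected
sample_rules | fix_set_directions
```

On a live host, feed it `iptables-save` instead of `sample_rules`, review the result before loading it with `iptables-restore`, and then repeat the ping test from the original message to confirm the blacklisted address is actually dropped.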




