Hi
strange behaviour of iptables on a centos 7.0 machine:
The following rule is in the iptables of said machine:
[root@myserver ~]# iptables -L -v -n --line-numbers |grep 175\.
9 9 456 DROP all -- * * 175.44.0.0/16
0.0.0.0/0
[root@myserver ~]#
The corresponding enty in /etc/sysconfig/iptables looks like:
[root@myserver ~]# grep 175 /etc/sysconfig/iptables
-A INPUT -s 175.44.0.0/16 -j DROP
[root@myserver ~]#
The rule must be there since ages, because it has number 9 out of 76
similar rules.
Today, on the same machine (I rechecked it to make sure not to confound
machines), I see the following extract of the ftplog:
<snip>
175.44.4.127 2915
175.44.26.128 2021
175.44.26.138 1322
175.44.6.186 1290
175.44.24.88 1219
175.44.4.199 1212
</snip>
saying that from this IP addresse there have been this many connections
to the ftp server on that machine during the last two days, which means
that the iptables haven't dropped the connection to the machine. As far
as I know, the ftp server is behind the iptables. I also checked to see
in man iptables, wheather the IP address is represented correctly.
What im I missing?
thanks in advance
suomi
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
