Re: Strange behaviour of iptables in centos 7






On 03/08/2016 08:50 AM, Rob Kampen wrote:
On 03/08/2016 08:35 PM, anax wrote:
Hi
strange behaviour of iptables on a centos 7.0 machine:
The following rule is in the iptables of said machine:

[root@myserver ~]# iptables -L -v -n --line-numbers |grep 175\.
9        9   456 DROP       all  --  *      *       175.44.0.0/16        0.0.0.0/0
[root@myserver ~]#

The corresponding entry in /etc/sysconfig/iptables looks like:

[root@myserver ~]# grep 175 /etc/sysconfig/iptables
-A INPUT -s 175.44.0.0/16 -j DROP
[root@myserver ~]#

The rule must be there since ages, because it has number 9 out of 76
similar rules.

Today, on the same machine (I rechecked it to make sure not to
confound machines), I see the following extract of the ftplog:

<snip>
175.44.4.127    2915
175.44.26.128    2021
175.44.26.138    1322
175.44.6.186    1290
175.44.24.88    1219
175.44.4.199    1212
</snip>

saying that from these IP addresses there have been this many
connections to the ftp server on that machine during the last two
days, which means that the iptables haven't dropped the connections to
the machine. As far as I know, the ftp server is behind the iptables.
I also checked in man iptables whether the IP address is
represented correctly.

What am I missing?

You mention iptables - but no mention of firewalld - they both use the
same kernel mechanism, but it is important that both CANNOT be active!
If you configure and use firewalld you can query ># iptables -L and see
what is installed, however I have no idea if this exposes the entire set
of firewall statements - others that better understand this space, feel
free to weigh in.
CentOS 7 has firewalld enabled by default, thus the choice to use
iptables directly means that firewalld must be disabled.
HTH
thanks in advance

suomi
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos


Hi Rob

Thank you for your answer.
I really did not consider that with firewalld. But when I check on the server I get:

[root@myserver ~]# systemctl status firewalld
firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: inactive (dead)
[root@myserver ~]#

Also if I do:

[root@myserver ~]# ps xa |grep firewall
12235 pts/0    S+     0:00 grep --color=auto firewall
[root@myserver ~]#

so firewalld is really not active.

suomi
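An added example, not code from anyone in this thread: a small Python simulation of how netfilter walks an INPUT chain, to show why a DROP rule that is present and correctly written can still be bypassed by an earlier rule. The chain listing in the script is constructed to look like `iptables -L INPUT -v -n --line-numbers` output; only the `175.44.0.0/16` DROP rule (rule 9) is taken from the thread, and the surrounding rules (an ESTABLISHED accept, a loopback accept, an ACCEPT for tcp port 21, a second DROP) are assumptions chosen to illustrate first-match evaluation, not a claim about what is on the poster's server. The match logic covers only the fields the listing exposes (protocol, input interface, source/destination range, `dpt:` and `ESTABLISHED`), which is enough for this kind of diagnosis.

```python
import ipaddress
import re
from dataclasses import dataclass

# Constructed listing in the shape of `iptables -L INPUT -v -n --line-numbers`.
# Only the 175.44.0.0/16 DROP rule comes from the thread; the other rules are
# assumptions chosen to illustrate first-match evaluation.
SAMPLE_LISTING = """\
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1     100K   10M ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
2        0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
3     2000  120K ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:21
9        9   456 DROP       all  --  *      *       175.44.0.0/16        0.0.0.0/0
10       0     0 DROP       all  --  *      *       10.0.0.0/8           0.0.0.0/0
"""

# Targets that end traversal of the chain; LOG or jumps to user chains are skipped here.
TERMINAL_TARGETS = {"ACCEPT", "DROP", "REJECT"}


@dataclass
class Rule:
    num: int
    pkts: str
    target: str
    prot: str
    in_if: str
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    extra: str


def parse_listing(text):
    """Parse one chain listing; returns (chain policy, [Rule, ...] in chain order)."""
    policy = None
    rules = []
    for line in text.splitlines():
        if line.startswith("Chain "):
            m = re.search(r"\(policy (\w+)", line)
            policy = m.group(1) if m else None
            continue
        parts = line.split(None, 10)
        if len(parts) < 10 or not parts[0].isdigit():
            continue  # column header or blank line
        rules.append(Rule(
            num=int(parts[0]), pkts=parts[1], target=parts[3], prot=parts[4],
            in_if=parts[6],
            src=ipaddress.ip_network(parts[8], strict=False),
            dst=ipaddress.ip_network(parts[9], strict=False),
            extra=parts[10] if len(parts) > 10 else "",
        ))
    return policy, rules


def rule_matches(rule, src_ip, proto, dport, in_if, established):
    """Approximate netfilter matching for the fields a -L -v -n listing shows."""
    if rule.prot not in ("all", proto):
        return False
    if rule.in_if not in ("*", in_if):
        return False
    if src_ip not in rule.src:
        return False
    m = re.search(r"dpt:(\d+)", rule.extra)
    if m and int(m.group(1)) != dport:
        return False
    if "ESTABLISHED" in rule.extra and not established:
        return False
    return True


def first_match(listing, src, proto="tcp", dport=21, in_if="eth0", established=False):
    """Walk the chain top to bottom; return (rule number, verdict) of the first
    terminal rule that matches, or (None, chain policy) if nothing matches."""
    policy, rules = parse_listing(listing)
    ip = ipaddress.ip_address(src)
    for rule in rules:
        if rule.target in TERMINAL_TARGETS and rule_matches(rule, ip, proto, dport, in_if, established):
            return rule.num, rule.target
    return None, policy


def drop_rules_covering(listing, src):
    """Numbers of every DROP/REJECT rule whose source range contains src, regardless
    of position: the 'is the address represented correctly?' check on its own."""
    _, rules = parse_listing(listing)
    ip = ipaddress.ip_address(src)
    return [r.num for r in rules if r.target in ("DROP", "REJECT") and ip in r.src]


if __name__ == "__main__":
    # Source addresses taken from the ftp log quoted in the thread.
    for addr in ["175.44.4.127", "175.44.26.128", "175.44.6.186"]:
        print(addr, "is inside DROP rules", drop_rules_covering(SAMPLE_LISTING, addr),
              "| new connection to port 21 ->", first_match(SAMPLE_LISTING, addr),
              "| new connection to port 22 ->", first_match(SAMPLE_LISTING, addr, dport=22))
```

In the constructed chain every address from the log is inside rule 9, yet a new connection to port 21 is accepted by rule 3 before rule 9 is ever reached, while the same source going to port 22 is dropped. The practical check on a real box is the same idea: list the whole chain with `iptables -L INPUT -v -n --line-numbers` rather than grepping for one address, and read the rules above the DROP together with its `pkts` counter; a counter that barely moves while connections keep arriving is the signature of an earlier rule matching first.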


