Re: Strange behaviour of iptables in centos 7

On 03/08/2016 09:43 AM, James Hogarth wrote:
On 8 Mar 2016 07:36, "anax" <anax@xxxxxxxx> wrote:

Hi
strange behaviour of iptables on a centos 7.0 machine:
The following rule is in the iptables of said machine:

[root@myserver ~]# iptables -L -v -n --line-numbers |grep 175\.
9        9   456 DROP       all  --  *      *       175.44.0.0/16        0.0.0.0/0
[root@myserver ~]#

The corresponding entry in /etc/sysconfig/iptables looks like:

[root@myserver ~]# grep 175 /etc/sysconfig/iptables
-A INPUT -s 175.44.0.0/16 -j DROP
[root@myserver ~]#

The rule must have been there for ages, because it has number 9 out of 76
similar rules.

Today, on the same machine (I rechecked it to make sure not to confound
machines), I see the following extract of the ftplog:

<snip>
175.44.4.127    2915
175.44.26.128   2021
175.44.26.138   1322
175.44.6.186    1290
175.44.24.88    1219
175.44.4.199    1212
</snip>

saying that from these IP addresses there have been this many connections
to the ftp server on that machine during the last two days, which means
that the iptables haven't dropped the connection to the machine. As far as
I know, the ftp server is behind the iptables. I also checked to see in man
iptables, whether the IP address is represented correctly.

What am I missing?


Please provide the full iptables listing as a snippet from one section is
not useful.

Keep in mind iptables does not go by the most specific entry but rather the
first matching rule hit.

If there are any rules prior to this drop that would permit the traffic
then of course the traffic would be permitted.

Also 7.0? Please get that system updated asap as you are missing many
important (and higher) issues being fixed.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



Hi James

Thanks very much for your answer.

The full iptables list is in my reply to John.

But you are correct, I must update the system. This may fix the issue.

suomi
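
The first-match behaviour James describes, as an added example that is not part of the original thread: a small simulator that walks rules in /etc/sysconfig/iptables syntax and reports which rule decides a packet's fate. Only the DROP line comes from the thread; the ACCEPT rules and the names parse_rule and first_match are assumptions made for illustration, and only the options shown (-s, -p, --dport, --state, -j) are handled.

```python
import ipaddress

# Constructed sample; only the DROP rule appears in the thread.
SAMPLE_RULES = """\
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -s 175.44.0.0/16 -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
"""

def parse_rule(line):
    """Parse one '-A' line; every option in this subset takes exactly one value."""
    tok = line.split()
    opts = dict(zip(tok[0::2], tok[1::2]))
    return {
        "chain": opts.get("-A"),
        "src": ipaddress.ip_network(opts.get("-s", "0.0.0.0/0"), strict=False),
        "proto": opts.get("-p"),
        "dport": opts.get("--dport"),
        "states": opts["--state"].split(",") if "--state" in opts else None,
        "target": opts.get("-j"),
        "text": line.strip(),
    }

def first_match(rules_text, src, proto, dport, state="NEW", chain="INPUT"):
    """Return (position, target, rule text) of the first matching rule, or None."""
    pos = 0
    for line in rules_text.splitlines():
        if not line.startswith("-A "):
            continue
        r = parse_rule(line)
        if r["chain"] != chain:
            continue
        pos += 1
        if ipaddress.ip_address(src) not in r["src"]:
            continue
        if r["proto"] and r["proto"] != proto:
            continue
        if r["dport"] and r["dport"] != str(dport):
            continue
        if r["states"] and state not in r["states"]:
            continue
        if r["target"] in ("ACCEPT", "DROP", "REJECT"):
            return pos, r["target"], r["text"]
    return None  # nothing matched: the chain policy decides

if __name__ == "__main__":
    # New FTP connection from one of the logged addresses.
    print(first_match(SAMPLE_RULES, "175.44.4.127", "tcp", 21))
```

With this constructed rule order, the port 21 ACCEPT at position 2 decides the packet and the DROP at position 3 is never evaluated; moving the DROP line above the ACCEPT rules changes the result to DROP.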