Re: log iptable?

Michael Schwendt wrote:

> Changing /etc/syslog.conf won't be enough. See my reply above.
> Also consider posting the output of "iptables-save".

iptables-save output attached.

Bob Goodwin
# Generated by iptables-save v1.2.7a on Sun May  4 12:58:52 2003
*mangle
:PREROUTING ACCEPT [15120:6031951]
:INPUT ACCEPT [15120:6031951]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [15000:3313961]
:POSTROUTING ACCEPT [14957:3312241]
COMMIT
# Completed on Sun May  4 12:58:52 2003
# Generated by iptables-save v1.2.7a on Sun May  4 12:58:52 2003
*nat
:PREROUTING ACCEPT [361:111660]
:POSTROUTING ACCEPT [5859:238493]
:OUTPUT ACCEPT [5902:240213]
COMMIT
# Completed on Sun May  4 12:58:52 2003
# Generated by iptables-save v1.2.7a on Sun May  4 12:58:52 2003
*filter
:INPUT DROP [1:64]
:FORWARD ACCEPT [0:0]
:OUTPUT DROP [0:0]
:LD - [0:0]
:SANITY - [0:0]
:STATE - [0:0]
:UNCLEAN - [0:0]
-A INPUT -i eth0 -m unclean -j UNCLEAN 
-A INPUT -s 65.32.1.80 -p tcp -m tcp ! --tcp-flags SYN,RST,ACK SYN -j ACCEPT 
-A INPUT -s 65.32.1.80 -p udp -j ACCEPT 
-A INPUT -s 65.32.2.136 -p tcp -m tcp ! --tcp-flags SYN,RST,ACK SYN -j ACCEPT 
-A INPUT -s 65.32.2.136 -p udp -j ACCEPT 
-A INPUT -s 65.32.1.70 -p tcp -m tcp ! --tcp-flags SYN,RST,ACK SYN -j ACCEPT 
-A INPUT -s 65.32.1.70 -p udp -j ACCEPT 
-A INPUT -s 198.72.72.10 -d 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 123 -j ACCEPT 
-A INPUT -s 198.72.72.10 -d 65.35.152.0/255.255.248.0 -p udp -m udp --dport 123 -j ACCEPT 
-A INPUT -s 131.144.4.9 -d 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 123 -j ACCEPT 
-A INPUT -s 131.144.4.9 -d 65.35.152.0/255.255.248.0 -p udp -m udp --dport 123 -j ACCEPT 
-A INPUT -s 208.171.54.42 -d 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 22 -j ACCEPT 
-A INPUT -s 208.171.54.42 -d 65.35.152.0/255.255.248.0 -p udp -m udp --dport 22 -j ACCEPT 
-A INPUT -i lo -j ACCEPT 
-A INPUT -d 65.35.152.0/255.255.248.0 -p icmp -m limit --limit 1/sec -j ACCEPT 
-A INPUT -s 1.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 2.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 5.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 7.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 23.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 27.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 31.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 36.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 37.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 39.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 41.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 42.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 58.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 59.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 60.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 69.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 70.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 71.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 72.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 73.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 74.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 75.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 76.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 77.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 78.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 79.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 82.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 83.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 84.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 85.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 86.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 87.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 88.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 89.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 90.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 91.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 92.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 93.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 94.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 95.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 96.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 97.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 98.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 99.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 100.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 101.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 102.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 103.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 104.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 105.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 106.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 107.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 108.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 109.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 110.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 111.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 112.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 113.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 114.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 115.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 116.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 117.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 118.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 119.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 120.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 121.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 122.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 123.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 124.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 125.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 126.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 128.66.0.0/255.255.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 172.16.0.0/255.240.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 197.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 221.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 222.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 223.0.0.0/255.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -s 240.0.0.0/240.0.0.0 -d 65.35.152.0/255.255.248.0 -i eth0 -j LD 
-A INPUT -d 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 31337 -m limit --limit 2/min -j LD 
-A INPUT -d 65.35.152.0/255.255.248.0 -p udp -m udp --dport 31337 -m limit --limit 2/min -j LD 
-A INPUT -d 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 33270 -m limit --limit 2/min -j LD 
-A INPUT -d 65.35.152.0/255.255.248.0 -p udp -m udp --dport 33270 -m limit --limit 2/min -j LD 
-A INPUT -d 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 1234 -m limit --limit 2/min -j LD 
-A INPUT -d 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 6711 -m limit --limit 2/min -j LD 
-A INPUT -d 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 16660 --tcp-flags SYN,RST,ACK SYN -m limit --limit 2/min -j LD 
-A INPUT -d 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 60001 --tcp-flags SYN,RST,ACK SYN -m limit --limit 2/min -j LD 
-A INPUT -d 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 12345:12346 -m limit --limit 2/min -j LD 
-A INPUT -d 65.35.152.0/255.255.248.0 -p udp -m udp --dport 12345:12346 -m limit --limit 2/min -j LD 
-A INPUT -d 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 135 -m limit --limit 2/min -j LD 
-A INPUT -d 65.35.152.0/255.255.248.0 -p udp -m udp --dport 135 -m limit --limit 2/min -j LD 
-A INPUT -d 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 1524 -m limit --limit 2/min -j LD 
-A INPUT -d 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 27665 -m limit --limit 2/min -j LD 
-A INPUT -d 65.35.152.0/255.255.248.0 -p udp -m udp --dport 27444 -m limit --limit 2/min -j LD 
-A INPUT -d 65.35.152.0/255.255.248.0 -p udp -m udp --dport 31335 -m limit --limit 2/min -j LD 
-A INPUT -s 224.0.0.0/255.0.0.0 -j LD 
-A INPUT -d 224.0.0.0/255.0.0.0 -j LD 
-A INPUT -s 255.255.255.255 -j LD 
-A INPUT -d 0.0.0.0 -j LD 
-A INPUT -m state --state INVALID -j LD 
-A INPUT -f -m limit --limit 10/min -j LD 
-A INPUT -i eth0 -p tcp -m tcp --dport 2049 -j LD 
-A INPUT -i eth0 -p udp -m udp --dport 2049 -j LD 
-A INPUT -i eth0 -p tcp -m tcp --dport 137:139 -j LD 
-A INPUT -i eth0 -p udp -m udp --dport 137:139 -j LD 
-A INPUT -i eth0 -p tcp -m tcp --dport 445 -j LD 
-A INPUT -i eth0 -p udp -m udp --dport 445 -j LD 
-A INPUT -i eth0 -p tcp -m tcp --dport 5000 -j LD 
-A INPUT -i eth0 -p udp -m udp --dport 5000 -j LD 
-A INPUT -i eth0 -p tcp -m tcp --dport 6000:6015 -j LD 
-A INPUT -i eth0 -p udp -m udp --dport 6000:6015 -j LD 
-A INPUT -p tcp -m tcp ! --tcp-flags SYN,RST,ACK SYN -m state --state NEW -j LD 
-A INPUT -d 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 1024:65535 -j STATE 
-A INPUT -d 65.35.152.0/255.255.248.0 -p udp -m udp --dport 1023:65535 -j ACCEPT 
-A INPUT -j LD 
-A OUTPUT -o eth0 -m unclean -j UNCLEAN 
-A OUTPUT -o lo -j ACCEPT 
-A OUTPUT -s 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 31337 -m limit --limit 2/min -j LD 
-A OUTPUT -s 65.35.152.0/255.255.248.0 -p udp -m udp --dport 31337 -m limit --limit 2/min -j LD 
-A OUTPUT -s 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 33270 -m limit --limit 2/min -j LD 
-A OUTPUT -s 65.35.152.0/255.255.248.0 -p udp -m udp --dport 33270 -m limit --limit 2/min -j LD 
-A OUTPUT -s 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 1234 -m limit --limit 2/min -j LD 
-A OUTPUT -s 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 6711 -m limit --limit 2/min -j LD 
-A OUTPUT -s 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 16660 --tcp-flags SYN,RST,ACK SYN -m limit --limit 2/min -j LD 
-A OUTPUT -s 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 60001 --tcp-flags SYN,RST,ACK SYN -m limit --limit 2/min -j LD 
-A OUTPUT -s 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 12345:12346 -m limit --limit 2/min -j LD 
-A OUTPUT -s 65.35.152.0/255.255.248.0 -p udp -m udp --dport 12345:12346 -m limit --limit 2/min -j LD 
-A OUTPUT -s 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 135 -m limit --limit 2/min -j LD 
-A OUTPUT -s 65.35.152.0/255.255.248.0 -p udp -m udp --dport 135 -m limit --limit 2/min -j LD 
-A OUTPUT -s 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 1524 -m limit --limit 2/min -j LD 
-A OUTPUT -s 65.35.152.0/255.255.248.0 -p tcp -m tcp --dport 27665 -m limit --limit 2/min -j LD 
-A OUTPUT -s 65.35.152.0/255.255.248.0 -p udp -m udp --dport 27444 -m limit --limit 2/min -j LD 
-A OUTPUT -s 65.35.152.0/255.255.248.0 -p udp -m udp --dport 31335 -m limit --limit 2/min -j LD 
-A OUTPUT -s 224.0.0.0/255.0.0.0 -j LD 
-A OUTPUT -d 224.0.0.0/255.0.0.0 -j LD 
-A OUTPUT -s 255.255.255.255 -j LD 
-A OUTPUT -d 0.0.0.0 -j LD 
-A OUTPUT -o eth0 -p tcp -m tcp --dport 137:139 -j LD 
-A OUTPUT -o eth0 -p udp -m udp --dport 137:139 -j LD 
-A OUTPUT -o eth0 -p tcp -m tcp --dport 445 -j LD 
-A OUTPUT -o eth0 -p udp -m udp --dport 445 -j LD 
-A OUTPUT -p tcp -m tcp ! --tcp-flags SYN,RST,ACK SYN -m state --state NEW -j DROP 
-A OUTPUT -m ttl --ttl-eq 64 
-A OUTPUT -s 65.35.152.0/255.255.248.0 -o eth0 -p icmp -j ACCEPT 
-A OUTPUT -j ACCEPT 
-A LD -j LOG 
-A LD -j DROP 
-A SANITY -j LD 
-A STATE -i ! lo -m state --state NEW -j ACCEPT 
-A STATE -m state --state RELATED,ESTABLISHED -j ACCEPT 
-A STATE -j LD 
-A UNCLEAN -j LD 
COMMIT
# Completed on Sun May  4 12:58:52 2003
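
Added example, not part of the original message or of the iptables project: a small Python audit of an iptables-save dump that reports LOG rules lacking --log-prefix or --log-level, unthrottled jumps into a logging chain, and rules with no -j target. SAMPLE is a constructed excerpt modelled on the *filter table above; the function names are hypothetical.

```python
import shlex

# Constructed excerpt in iptables-save format, modelled on the *filter table above.
SAMPLE = """\
*filter
:INPUT DROP [1:64]
:LD - [0:0]
-A INPUT -p tcp -m tcp --dport 135 -m limit --limit 2/min -j LD
-A INPUT -i eth0 -p tcp -m tcp --dport 445 -j LD
-A INPUT -p tcp -m tcp --dport 1024:65535 -j STATE
-A INPUT -j LD
-A OUTPUT -m ttl --ttl-eq 64
-A LD -j LOG
-A LD -j DROP
-A STATE -j LD
COMMIT
"""

def target(tok):
    """Jump target of a rule, or None when the rule has no -j."""
    return tok[tok.index("-j") + 1] if "-j" in tok else None

def parse(dump):
    """Return (table, chain, tokens) for every -A line of the dump."""
    table, rules = None, []
    for line in map(str.strip, dump.splitlines()):
        if line.startswith("*"):
            table = line[1:]
        elif line.startswith("-A "):
            tok = shlex.split(line)
            rules.append((table, tok[1], tok[2:]))
    return rules

def audit_log_rules(dump):
    """Return (kind, chain, rule) findings about logging in the ruleset."""
    rules, findings = parse(dump), []
    for table, chain, tok in rules:
        if target(tok) is None:        # no -j: only the counters are updated
            findings.append(("no-target", chain, " ".join(tok)))
        if target(tok) != "LOG":
            continue
        if "--log-prefix" not in tok:  # entries are hard to pick out of the kernel log
            findings.append(("no-prefix", chain, ""))
        if "--log-level" not in tok:   # the LOG target's default priority applies
            findings.append(("default-level", chain, ""))
        if "limit" not in tok:         # LOG unthrottled: list unthrottled jumps into it
            findings += [("unlimited-path", c, " ".join(r)) for t, c, r in rules
                         if t == table and target(r) == chain and "limit" not in r]
    return findings
```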
