Old 01-04-2006, 12:25 PM   #1
mfeoli
Member
 
Registered: Dec 2003
Distribution: Debian
Posts: 92

Rep: Reputation: 15
All UDP ports of my firewall are closed even without iptables rules, any clue?


Hi all,

I have a fairly odd situation here, at least to me, who am no expert.

I have a firewall on my network which works with IPTables; it has always worked fine.

A short while ago, I don't know when exactly, or due to which event that I might have changed... I lost access via UDP ports,

So I had to change my OpenVPN to TCP, and it worked...,

but I still need to use UDP ports for other things like connecting a SIP phone (port UDP 5060).

Since it wasn't working, I flushed all rules and accepted all with the following:

iptables -P INPUT ACCEPT
iptables -F INPUT
iptables -P OUTPUT ACCEPT
iptables -F OUTPUT
iptables -P FORWARD DROP
iptables -F FORWARD
iptables -t nat -F
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "0" > /proc/sys/net/ipv4/tcp_ecn

exit

...all my other old rules from this point on

but I still have UDP ports closed. I checked with nmap, with the following result:

Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-01-04 12:34 CST
Initiating UDP Scan against my.server.net (xxx.xxx.xxx.xxx) [1 port] at 12:34
The UDP Scan took 0.01s to scan 1 total ports.
Host zeus.kinetos.net (xxx.xxx.xxx.xxx) appears to be up ... good.
Interesting ports on zeus.kinetos.net (xxx.xxx.xxx.xxx):
PORT STATE SERVICE
5060/udp closed unknown

Nmap finished: 1 IP address (1 host up) scanned in 0.190 seconds
Raw packets sent: 3 (96B) | Rcvd: 4 (140B)

My iptables -L:

root@zeus:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination


BTW, I'm using Debian sarge


I really appreciate any input

Last edited by mfeoli; 01-04-2006 at 04:34 PM.
 
Old 01-04-2006, 04:53 PM   #2
mfeoli
Member
 
Registered: Dec 2003
Distribution: Debian
Posts: 92

Original Poster
Rep: Reputation: 15
Just to complete my information

I'm testing from a fixed IP inside the network. If I call to the external eth card I get this on iptraf:

UDP (877 bytes) from 10.0.0.102:sip to zeus.kinetos.net:sip on eth0
ICMP dest unrch (port) (576 bytes) from zeus.kinetos.net to 10.0.0.102 on eth0

If I call to the internal card 10.0.0.1 it works fine:

UDP (863 bytes) from 10.0.0.102:sip to zeus.kinetos.loc:sip on eth0
UDP (532 bytes) from zeus.kinetos.loc:sip to 10.0.0.102:sip on eth0
 
Old 01-05-2006, 10:07 AM   #3
mfeoli
Member
 
Registered: Dec 2003
Distribution: Debian
Posts: 92

Original Poster
Rep: Reputation: 15
As an update, I also tried yesterday to connect from outside my network (just in case the problem was from using the inside to connect to the outside), but results were the same, no UDP access.

Looking forward to any comment
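A check for the symptom shown in this thread, as an added example that is not part of any post: nmap reports a UDP port as "closed" when it receives an ICMP port unreachable, and with an empty INPUT chain that reply comes from the kernel when no socket is bound to the destination address and port. The script reads text in /proc/net/udp format and reports which local addresses a port is bound to; the sample table and the external address 203.0.113.10 are constructed placeholders, and a little-endian host is assumed.

```python
import socket
import struct
import sys

# Constructed sample in /proc/net/udp format (not taken from the thread).
# Little-endian host assumed: 0100000A = 10.0.0.1, 00000000 = 0.0.0.0 (wildcard).
# Ports are hex: 13C4 = 5060 (SIP), 04AA = 1194 (OpenVPN).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode ref pointer drops
   41: 0100000A:13C4 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 9001 2 0000000000000000 0
   57: 00000000:04AA 00000000:0000 07 00000000:00000000 00:00000000 00000000     0        0 9002 2 0000000000000000 0
"""


def parse_udp_table(text):
    """Return [(local_ip, local_port), ...] for each socket row in the table."""
    sockets = []
    for line in text.splitlines()[1:]:  # first line is the column header
        fields = line.split()
        if len(fields) < 2 or ":" not in fields[1]:
            continue  # skip blank or malformed rows
        hex_addr, hex_port = fields[1].split(":")
        # The kernel prints the address as a native 32-bit word; packing it
        # little-endian recovers the network-order bytes for inet_ntoa.
        ip = socket.inet_ntoa(struct.pack("<I", int(hex_addr, 16)))
        sockets.append((ip, int(hex_port, 16)))
    return sockets


def bound_addresses(sockets, port):
    """Local addresses that have a socket bound to the given UDP port."""
    return sorted(ip for ip, p in sockets if p == port)


def would_answer(sockets, dest_ip, port):
    """True if a datagram to dest_ip:port matches a socket bound to that
    address or to the wildcard; False means the kernel has no receiver."""
    return any(p == port and ip in (dest_ip, "0.0.0.0") for ip, p in sockets)


if __name__ == "__main__":
    # Usage: script.py [table-file]; with no argument the sample is used.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE
    socks = parse_udp_table(text)
    for dest in ("10.0.0.1", "203.0.113.10"):  # 203.0.113.10: placeholder external IP
        state = "has a listener" if would_answer(socks, dest, 5060) else "no listener"
        print(f"{dest}:5060/udp {state}; bound on {bound_addresses(socks, 5060)}")
```

Run it against a copy of /proc/net/udp from the firewall host; sockets bound to the IPv6 wildcard are listed in /proc/net/udp6, which this script does not read.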
 
  

