LinuxQuestions.org
Old 01-02-2005, 01:29 AM   #1
strimp099
Member
 
Registered: Mar 2004
Location: Chicago
Distribution: Fedora 12
Posts: 56

Rep: Reputation: 15
firewall issues


Hello all,
I just "installed" a firewall on my system and I am testing the ports using Nmap. The output is interesting:

Code:
Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2005-01-02 01:24 CST
Interesting ports on 192.168.0.20:
(The 1656 ports scanned but not shown below are in state: closed)
PORT      STATE SERVICE
22/tcp    open  ssh
111/tcp   open  rpcbind
32770/tcp open  sometimes-rpc3

Nmap run completed -- 1 IP address (1 host up) scanned in 1.454 seconds
When I only have port 22/ssh open and the domain, http, and https closed, which are not even listed. Here is the firewall script...

Code:
#!/bin/sh
IPTABLES=/sbin/iptables
# Start from an empty INPUT chain.
$IPTABLES -F INPUT
# Accept packets belonging to established connections arriving on eth0.
$IPTABLES -A INPUT -j ACCEPT -m state --state \
   ESTABLISHED -i eth0 -p icmp
$IPTABLES -A INPUT -j ACCEPT -m state --state \
   ESTABLISHED -i eth0 -p tcp
$IPTABLES -A INPUT -j ACCEPT -m state --state \
   ESTABLISHED -i eth0 -p udp
# Accept new connections to ssh, domain, http and https, plus all ICMP.
$IPTABLES -A INPUT -p tcp --dport 22 -j ACCEPT
$IPTABLES -A INPUT -p udp --dport 53 -j ACCEPT
$IPTABLES -A INPUT -p tcp --dport 53 -j ACCEPT
$IPTABLES -A INPUT -p tcp --dport 80 -j ACCEPT
$IPTABLES -A INPUT -p tcp --dport 443 -j ACCEPT
$IPTABLES -A INPUT -p icmp -j ACCEPT
# Load the netfilter modules by full path.
insmod /lib/modules/`uname -r`/kernel/net/ipv4/netfilter/ip_conntrack_ftp.ko
insmod /lib/modules/`uname -r`/kernel/net/ipv4/netfilter/ipt_LOG.ko
insmod /lib/modules/`uname -r`/kernel/net/ipv4/netfilter/ipt_REJECT.ko
insmod /lib/modules/`uname -r`/kernel/net/ipv4/netfilter/ipt_limit.ko
# Log (rate-limited) and then drop everything else that did not arrive on lo.
$IPTABLES -A INPUT -m limit --limit 3/second \
   --limit-burst 5 -i ! lo -j LOG
$IPTABLES -A INPUT -i ! lo -j DROP
Which brings me to another interesting point; I have the full paths to all the modules and when I run the script, it says this:

Code:
insmod: error inserting '/lib/modules/2.6.5-1.358/kernel/net/ipv4/netfilter/ip_conntrack_ftp.ko': -1 File exists
insmod: error inserting '/lib/modules/2.6.5-1.358/kernel/net/ipv4/netfilter/ipt_LOG.ko': -1 File exists
insmod: error inserting '/lib/modules/2.6.5-1.358/kernel/net/ipv4/netfilter/ipt_REJECT.ko': -1 File exists
insmod: error inserting '/lib/modules/2.6.5-1.358/kernel/net/ipv4/netfilter/ipt_limit.ko': -1 File exists
insmod: error inserting '/lib/modules/2.6.5-1.358/kernel/net/ipv4/netfilter/ipt_state.ko': -1 File exists
I am assuming that has something to do with the nmap results.

Any advice is certainly appreciated!!

This is all running on FC2
 
Old 01-02-2005, 10:34 AM   #2
david_ross
Moderator
 
Registered: Mar 2003
Location: Scotland
Distribution: Slackware, RedHat, Debian
Posts: 12,047

Rep: Reputation: 79
You can't insmod more than once - hence the error if the modules are already loaded.

Have you got a webserver running:
netstat -nlp
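
As an added example (not part of the thread and not either poster's code): a shell check that lists the ports a scan reports open for which the firewall script has no `--dport ... -j ACCEPT` rule. The rule lines and scan lines are copied from post #1; the function and variable names are hypothetical.

```shell
#!/bin/sh
# Added example: compare an nmap result with a firewall script's ACCEPT rules.
# RULES and SCAN are copied from post #1; all function names are hypothetical.

RULES='$IPTABLES -A INPUT -p tcp --dport 22 -j ACCEPT
$IPTABLES -A INPUT -p udp --dport 53 -j ACCEPT
$IPTABLES -A INPUT -p tcp --dport 53 -j ACCEPT
$IPTABLES -A INPUT -p tcp --dport 80 -j ACCEPT
$IPTABLES -A INPUT -p tcp --dport 443 -j ACCEPT
$IPTABLES -A INPUT -p icmp -j ACCEPT
$IPTABLES -A INPUT -i ! lo -j DROP'

SCAN='PORT      STATE SERVICE
22/tcp    open  ssh
111/tcp   open  rpcbind
32770/tcp open  sometimes-rpc3'

# Print "port/proto" for every rule that ACCEPTs a specific destination port.
allowed_ports() {
  printf '%s\n' "$1" | awk '{
    proto = port = target = ""
    for (i = 1; i < NF; i++) {
      if ($i == "-p") proto = $(i + 1)
      else if ($i == "--dport") port = $(i + 1)
      else if ($i == "-j") target = $(i + 1)
    }
    if (target == "ACCEPT" && proto != "" && port != "") print port "/" proto
  }'
}

# Print "port/proto" for every line of nmap output whose state is "open".
open_ports() {
  printf '%s\n' "$1" | awk '$1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" { print $1 }'
}

# Print ports the scan saw open that no ACCEPT rule permits.
unexpected_open() {
  allowed=$(allowed_ports "$2")
  open_ports "$1" | while read -r p; do
    printf '%s\n' "$allowed" | grep -qxF "$p" || printf '%s\n' "$p"
  done
}

unexpected_open "$SCAN" "$RULES"
```

A port listed here reached a listening service without matching any ACCEPT rule, so the scan traffic was not subject to the final DROP. That rule exempts `lo`, which is the interface a scan takes when it is run on the firewalled host against its own address.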
 
  

