LinuxQuestions.org
Old 02-11-2003, 07:49 PM   #1
estranged0877
Member
 
Registered: Jan 2003
Posts: 52

Rep: Reputation: 15
UDP ports and IPTables


Alright, I need some help here, can anyone test this themselves (if you have a firewall up) and let me know what is up with this????

I have used iptables to drop all incoming connections with the exception of established ports.

Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere state NEW

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

When I run online port scans they detect nothing, TCP or UDP. Says I have a working firewall. However when I use AATools.exe scan from remote sites pinging my IP address it doesn't show any TCP but the UDP's are off the chart, almost every single UDP port shows up all couple thousand of them.

Can anyone help me figure this out???

Thanks
 
Old 02-17-2003, 06:08 AM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,310
Blog Entries: 54

Rep: Reputation: 2859
Quote:
I have used iptables to drop all incoming connections with the exception of established ports.
No you don't. You're accepting Related+established (syn+ack, push+ack etc etc) *AND New (syn)*. Remember UDP is stateless so no flags for that.

Posting the output of "iptables -L" would be better, else check the FAQ at the top of the forum.
 
Old 02-17-2003, 09:33 AM   #3
estranged0877
Member
 
Registered: Jan 2003
Posts: 52

Original Poster
Rep: Reputation: 15
iptables -L

I have posted the "iptables -L" in my original posting.... is there something else you are curious to see?

Thanks for any help...
 
Old 02-18-2003, 01:33 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,310
Blog Entries: 54

Rep: Reputation: 2859
Your firewall script then.
 
Old 02-18-2003, 01:44 PM   #5
estranged0877
Member
 
Registered: Jan 2003
Posts: 52

Original Poster
Rep: Reputation: 15
Aside from the IPtable, I only have masquerading going. I haven't created any "firewall script"
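
The point made in post #2, as an added example that is not part of the original thread: a small shell/awk check that reads `iptables -L` text and flags any ACCEPT rule in a policy-DROP chain that admits state NEW (or has no match at all) from anywhere. The sample listing is constructed from the first post, the function names are hypothetical, and the parser assumes the column layout of plain `iptables -L` or `iptables -L -n`.

```shell
#!/bin/sh
# Added example: flag ACCEPT rules that cancel a chain's DROP policy.
# On a live host (assumption: run as root): iptables -L -n | audit_listing

# Constructed sample: the listing from the first post of the thread.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere state NEW

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
EOF
}

# Reads `iptables -L` text on stdin. Prints one line for each rule that,
# inside a policy-DROP chain, accepts unsolicited traffic from any source.
audit_listing() {
awk '
function is_any(a) { return a == "anywhere" || a == "0.0.0.0/0" }
$1 == "Chain"  { chain = $2; drop = ($0 ~ /policy DROP/); next }
$1 == "target" || NF == 0 { next }
drop && $1 == "ACCEPT" && is_any($4) && is_any($5) {
    # Fields after the destination are the match options ("state NEW").
    opts = ""
    for (i = 6; i <= NF; i++) opts = opts (i > 6 ? " " : "") $i
    # No match at all, or a state match listing NEW, admits the first
    # packet of every flow, TCP or UDP.
    if (opts == "" || (opts ~ /^(ct)?state / && opts ~ /(^|[ ,])NEW($|,)/))
        printf "%s: ACCEPT prot=%s any->any [%s] overrides policy DROP\n",
               chain, $2, (opts == "" ? "no match" : opts)
}'
}

sample_listing | audit_listing
```

Plain `iptables -L` omits the interface columns, so a flagged rule may still be limited to one interface; `iptables -L -v` shows the in/out columns.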
 
  

