LinuxQuestions.org
Old 02-21-2009, 01:59 PM   #16
dan83
LQ Newbie
 
Registered: Feb 2009
Posts: 24

Original Poster

Quote:
adds entries to your iptables
how to do this? where is iptables file?
 
Old 02-21-2009, 02:04 PM   #17
frieza
Senior Member
 
Registered: Feb 2002
Location: harvard, il
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,200

actually it's not a single file it is a set of files
i don't know the exact location but the best way to change those files are with the iptables commands
if this seems confusing
try webmin
http://www.webmin.com
or firestarter
http://www.fs-security.com/
to provide you with a graphical interface to administer these tasks
hope it helps
 
Old 02-21-2009, 02:09 PM   #18
dan83
LQ Newbie
 
Registered: Feb 2009
Posts: 24

Original Poster
is there not a more simple way? i would not install a module to make working another module and i am not even sure that it will work at the end and i am not feeling safe to install modules that i don't know and i don't even know how to install them
 
Old 02-21-2009, 02:22 PM   #19
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

dan83, you need to run this command:
Code:
iptables -nvL INPUT
...in order to confirm whether or not the rules are being properly inserted. There could be a ton of different reasons why things aren't working as expected but this would be the first step in the troubleshooting process. Post the output of that command if you are unable to make sense of it.

Last edited by win32sux; 02-21-2009 at 02:44 PM. Reason: Added INPUT to command in order to not waste space with FORWARD/OUTPUT.
 
Old 02-21-2009, 02:28 PM   #20
frieza
Senior Member
 
Registered: Feb 2002
Location: harvard, il
Distribution: Ubuntu 11.4,DD-WRT micro plus ssh,lfs-6.6,Fedora 15,Fedora 16
Posts: 3,200

Quote:
Originally Posted by dan83 View Post
is there not a more simple way? i would not install a module to make working another module and i am not even sure that it will work at the end and i am not feeling safe to install modules that i don't know and i don't even know how to install them
if you are referring to my suggestion, neither of them are modules they are separate programs that simply provide an interface, i have used both, firestarter might even be in the repository for your distribution, for centos try yum install firestarter
 
Old 02-21-2009, 02:54 PM   #21
dan83
LQ Newbie
 
Registered: Feb 2009
Posts: 24

Original Poster

Quote:
Originally Posted by win32sux View Post
dan83, you need to run this command:
Code:
iptables -nvL INPUT
...in order to confirm whether or not the rules are being properly inserted. There could be a ton of different reasons why things aren't working as expected but this would be the first step in the troubleshooting process. Post the output of that command if you are unable to make sense of it.
[root@host145-236-149-62 ~]# iptables -nvL
Chain INPUT (policy DROP 87731 packets, 5071K bytes)
 pkts bytes target     prot opt in     out     source               destination
 100K 7407K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
 4421  249K REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:!0x17/0x02 reject-with tcp-reset
  151 12012 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           state INVALID
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0

   25  1200 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:8443
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:8880
29944 1581K ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:80
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:443
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:21
   36  1728 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:22
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:587
    1    44 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:25
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:465
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:110
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:995
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:143
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:993
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:106
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:3306
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:5432
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:9008
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:9080
 8617  680K ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:137
 2276  502K ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:138
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:139
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:445
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:1194
 3650  211K ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:53
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:53
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 8 code 0
 4049  408K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:!0x17/0x02 reject-with tcp-reset
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           state INVALID
    0     0 ACCEPT     all  --  lo     lo      0.0.0.0/0            0.0.0.0/0
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
 107K   86M ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
 2415 4704K REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:!0x17/0x02 reject-with tcp-reset
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           state INVALID
    0     0 ACCEPT     all  --  *      lo      0.0.0.0/0            0.0.0.0/0
   48  4251 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0
 
Old 02-21-2009, 04:16 PM   #22
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Quote:
Originally Posted by dan83 View Post
[root@host145-236-149-62 ~]
Code:
# iptables -nvL
Chain INPUT (policy DROP 87731 packets, 5071K bytes)
 pkts bytes target     prot opt in     out     source               destination
 100K 7407K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
 4421  249K REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:!0x17/0x02 reject-with tcp-reset
  151 12012 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           state INVALID
    0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0

   25  1200 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:8443
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:8880
29944 1581K ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:80
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:443
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:21
   36  1728 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:22
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:587
    1    44 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:25
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:465
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:110
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:995
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:143
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:993
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:106
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:3306
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:5432
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:9008
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:9080
 8617  680K ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:137
 2276  502K ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:138
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:139
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:445
    0     0 ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:1194
 3650  211K ACCEPT     udp  --  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:53
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:53
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 8 code 0
 4049  408K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:!0x17/0x02 reject-with tcp-reset
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           state INVALID
    0     0 ACCEPT     all  --  lo     lo      0.0.0.0/0            0.0.0.0/0
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
 107K   86M ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
 2415 4704K REJECT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp flags:!0x17/0x02 reject-with tcp-reset
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0           state INVALID
    0     0 ACCEPT     all  --  *      lo      0.0.0.0/0            0.0.0.0/0
   48  4251 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0
There's no source IP rules there. That means the iptables commands aren't being executed, or are being executed with invalid syntax. This could be caused by the IP list file not being in the right format. Are you sure the format is one IP per line and nothing else? For this to work, it has to look like:
Code:
123.123.123.123
234.234.234.234
[...]
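
The one-IP-per-line requirement described in the post above, as an added example that is not part of the original thread: a lint pass over the list that also flags DOS line endings, followed by a dry run that only prints rules. The function names are hypothetical, the sample addresses are constructed from documentation ranges, and the `iptables -I INPUT -s <ip> -j DROP` rule form is an assumption, since the thread's own script is not shown on this page.

```shell
#!/bin/sh
# Added example: lint an IP blocklist before it reaches iptables.
# Function names are hypothetical; nothing here changes the firewall.

# is_ipv4 ADDR: succeed only for a bare dotted quad with every octet in 0..255
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                 # split on dots; $1 is digits and dots only here
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# check_ip_list FILE: report every unusable line; status 0 only if all lines are clean
check_ip_list() {
    bad=0; n=0; cr=$(printf '\r')
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        case "$line" in
            *"$cr") echo "line $n: trailing carriage return (DOS line ending)"
                    bad=$((bad + 1)); continue ;;
        esac
        if ! is_ipv4 "$line"; then
            echo "line $n: not a bare IPv4 address: '$line'"
            bad=$((bad + 1))
        fi
    done < "$1"
    [ "$bad" -eq 0 ]
}

# emit_rules FILE: print (never run) one source-IP DROP rule per address, and only
# for a clean list. -I inserts at the top of INPUT; the listing above ends INPUT
# with a catch-all ACCEPT, so a rule appended with -A would never be reached.
emit_rules() {
    check_ip_list "$1" >/dev/null || return 1
    while IFS= read -r ip || [ -n "$ip" ]; do
        echo "iptables -I INPUT -s $ip -j DROP"
    done < "$1"
}

# Constructed sample: line 2 has a DOS line ending, line 3 carries extra text
sample=$(mktemp)
printf '192.0.2.10\n198.51.100.7\r\n203.0.113.5 # spammer\n' > "$sample"
check_ip_list "$sample" || echo "list rejected, no rules emitted"
rm -f "$sample"
```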
 
Old 02-21-2009, 04:34 PM   #23
dan83
LQ Newbie
 
Registered: Feb 2009
Posts: 24

Original Poster
yes, i cut the ip list coz forum said too long.
i attached it in this post.
Attached Files
File Type: txt 2.txt (66.7 KB, 8 views)
 
Old 02-21-2009, 04:37 PM   #24
win32sux
LQ Guru
 
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870

Quote:
Originally Posted by dan83 View Post
yes, i cut the ip list coz forum said too long.
i attached it in this post.
That's not an IP list. That's the output of an "iptables -nvL INPUT" command. It shows there are indeed many IPs being blacklisted. They are being blacklisted in a protocol-specific way, though, so this is the result of a different script.

Last edited by win32sux; 02-21-2009 at 04:39 PM.
 
Old 02-21-2009, 04:39 PM   #25
dan83
LQ Newbie
 
Registered: Feb 2009
Posts: 24

Original Poster
yes i meant that, the part with all ips inside
 
Old 02-22-2009, 06:34 AM   #26
dan83
LQ Newbie
 
Registered: Feb 2009
Posts: 24

Original Poster
no idea to make it working?
 
Old 02-22-2009, 08:13 AM   #27
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

This is turning out to be a very inefficient thread. I think you should go back to start and post, in BB code tags: 0) your /etc/sysconfig/iptables, 1) the script that made those changes and 2) the output of running 'file' on the list containing the IP addresses to block.
 
Old 02-22-2009, 08:46 AM   #28
dan83
LQ Newbie
 
Registered: Feb 2009
Posts: 24

Original Poster
Quote:
Originally Posted by unSpawn View Post
This is turning out to be a very inefficient thread. I think you should go back to start and post, in BB code tags: 0) your /etc/sysconfig/iptables, 1) the script that made those changes and 2) the output of running 'file' on the list containing the IP addresses to block.
i've not understood what i should do?
 
Old 02-22-2009, 08:54 AM   #29
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,331
Blog Entries: 55

Quote:
Originally Posted by dan83 View Post
i've not understood what i should do?
What exactly is it that you do not understand?
Please be verbose when responding.
 
Old 02-22-2009, 10:10 AM   #30
dan83
LQ Newbie
 
Registered: Feb 2009
Posts: 24

Original Poster
Quote:
Originally Posted by unSpawn View Post
I think you should go back to start and post, in BB code tags: 0) your /etc/sysconfig/iptables, 1) the script that made those changes and 2) the output of running 'file' on the list containing the IP addresses to block....
this
 
  

