LinuxQuestions.org > Forums > Linux Forums > Linux - Security
#1  04-30-2009, 04:23 PM
intervade (LQ Newbie; registered May 2006; 9 posts)

iptables

Ok, so I'm really new to iptables, but I've looked through my logs and I'm seeing a ton of login attempts on my server that shouldn't be there; they are coming in the masses, so I want to block all incoming traffic on my ssh port (22) EXCEPT IPs of 192.168.x.x. So here is what I've done.

Code:
iptables -A INPUT -p tcp --dport 22 -j DROP
iptables -A INPUT -p tcp -s 192.168.0.0/16 --dport 22 -j ACCEPT

Now that is NOT working: I cannot access my own server on my local network for some strange reason, and yes, the server is on my local network haha. Is there something I'm doing wrong?

ALSO

The list command returns:
Code:
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22
ACCEPT     tcp  --  192.168.0.0/16       0.0.0.0/0           tcp dpt:22

Thanks,
Dalton

Last edited by intervade; 04-30-2009 at 04:30 PM.

#2  04-30-2009, 04:31 PM
rweaver (Senior Member; registered Dec 2008; Louisville, OH; Distribution: Debian, CentOS, Slackware, RHEL, Gentoo; 1,833 posts)

They're backwards. You're dropping everything up front.

Code:
iptables -F
iptables -A INPUT -p tcp -s 192.168.0.0/16 --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j DROP

Quite honestly, if you're already behind a firewall and not doing port forwarding to this machine... you're effectively doing nothing to increase security. If you're port forwarding 22 to this machine from the firewall, just turn it off.

If this IS the firewall then there are better ways to build these rules.

Last edited by rweaver; 04-30-2009 at 04:36 PM.
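The reason the original order fails is that iptables evaluates a chain top to bottom and stops at the first rule that matches, so a catch-all DROP placed first shadows every ACCEPT after it. The script below is an added example (not code from either poster) that simulates that first-match walk for an INPUT chain with policy ACCEPT, as in the listing above. It uses a constructed "<source cidr> <dport> <target>" rule format rather than real iptables syntax, and the sample addresses (192.168.1.10 on the LAN, 203.0.113.5 outside) are made up for the demonstration.

```shell
#!/bin/sh
# Added example: a first-match simulator for an INPUT chain, so the effect of
# rule order can be checked before a rule set is loaded on a real host.
# Rule lines use a constructed "<source cidr> <dport> <target>" format, not
# iptables syntax; 0.0.0.0/0 means "any source".

ip2int() {
    # Convert a dotted-quad IPv4 address to a 32-bit integer.
    oldifs=$IFS
    IFS=.
    set -- $1
    IFS=$oldifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

in_cidr() {
    # in_cidr <ip> <cidr>: succeed when <ip> lies inside <cidr>.
    ip=$(ip2int "$1")
    net=$(ip2int "${2%/*}")
    bits=${2#*/}
    [ "$bits" -eq 0 ] && return 0
    mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
    [ $(( ip & mask )) -eq $(( net & mask )) ]
}

verdict() {
    # verdict <rules> <src_ip> <dport>: target of the FIRST matching rule, or
    # the chain policy (ACCEPT, as in the thread's listing) when nothing
    # matches. Later rules are never consulted once one has matched, which is
    # exactly why a leading catch-all DROP hides the ACCEPT below it.
    rules=$1
    src=$2
    dport=$3
    hit=$(printf '%s\n' "$rules" | while read -r cidr port target; do
        [ -z "$cidr" ] && continue
        if [ "$port" = "$dport" ] && in_cidr "$src" "$cidr"; then
            echo "$target"
            break
        fi
    done)
    echo "${hit:-ACCEPT}"
}

# Constructed rule lists mirroring the two orderings discussed in the thread.
ORIGINAL_ORDER='0.0.0.0/0 22 DROP
192.168.0.0/16 22 ACCEPT'

FIXED_ORDER='192.168.0.0/16 22 ACCEPT
0.0.0.0/0 22 DROP'

# Sample packets (constructed): one LAN host and one outside host.
main() {
    printf 'original order, LAN host 192.168.1.10 -> ssh:      %s\n' \
        "$(verdict "$ORIGINAL_ORDER" 192.168.1.10 22)"
    printf 'fixed order,    LAN host 192.168.1.10 -> ssh:      %s\n' \
        "$(verdict "$FIXED_ORDER" 192.168.1.10 22)"
    printf 'fixed order,    outside host 203.0.113.5 -> ssh:   %s\n' \
        "$(verdict "$FIXED_ORDER" 203.0.113.5 22)"
    printf 'fixed order,    outside host 203.0.113.5 -> port 80: %s\n' \
        "$(verdict "$FIXED_ORDER" 203.0.113.5 80)"
}

main
```

On a live host the same ordering is visible with `iptables -L INPUT -n --line-numbers`, and `iptables -I INPUT 1 ...` inserts a rule at the top of the chain instead of appending it. Note that the `iptables -F` in the reply above flushes every rule in every chain of the filter table, not just the two SSH rules, so on a machine that already carries other rules it is safer to delete the two misordered rules by number (`iptables -D INPUT <n>`) and re-add them in the right order.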