LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 09-05-2014, 05:15 PM   #1
battles
Member
 
Registered: Apr 2014
Distribution: Debian GNU/Linux 7.5 (wheezy)
Posts: 258

Rep: Reputation: Disabled
iptables data


pkts bytes target prot opt in out source
8 320 DROP all -- * * 1.160.0.0/13
0 0 DROP all -- * * 1.161.21.237
58 2320 DROP all -- * * 1.163.0.0/16
907 43168 DROP all -- * * 61.174.0.0/16 /* china */
2248 134K DROP all -- * * 82.221.96.0/19 /* Croatia */

Does the pkts column represent the number of times the source has attempted to get into my server since I DROP(ed) them?

Thanks
 
Old 09-09-2014, 02:11 AM   #2
es0teric
Member
 
Registered: Apr 2007
Distribution: Ubuntu
Posts: 105

Rep: Reputation: 19
It represents the number of packets that have hit that rule. For example, zero packets have been dropped due to rule number 2, and 2248 packets have been dropped due to the last rule.
 
Old 09-09-2014, 08:18 AM   #3
battles
Member
 
Registered: Apr 2014
Distribution: Debian GNU/Linux 7.5 (wheezy)
Posts: 258

Original Poster
Rep: Reputation: Disabled
That is what I thought was going on, but I wasn't sure. I have written a bash script that auto builds an iptables record that DROPs any intrusive hits to my web page (404, POST, PUT, DELETE, PATCH, TRACE, HEAD, CONNECT) or SSH hits (Failed password, POSSIBLE BREAK-IN ATTEMPT, authentication failure, Did not receive, Invalid user). It is probably similar to FailToBan, only it never reopens the DROPed IPs. I thought I would clean up the DROPs if they were 0.

Thanks.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
www-data execute iptables Legolas891 Linux - Security 2 12-22-2009 03:36 PM
IPTables Show data transferred size in KB, MB priyadarshan Linux - Software 13 02-12-2009 04:27 AM
network user data logging (using iptables) stevod333 Linux - Software 1 07-29-2007 04:26 PM
iptables data collection gabsik Linux - Software 1 08-31-2006 12:34 AM
iptables packet data filtering firewall <Ol>Origy Linux - Networking 1 08-15-2005 06:07 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 07:45 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration