Hi, I will rephrase a question I placed a little while before to enforce participation of others.
My iptables are wide open, and when I test access to a UDP port from the external interface, the port appears closed.
Iptraf reports the attempt on the external interface but registers an unreachable port. If I test with nmap
iptables -P INPUT ACCEPT
iptables -F INPUT
iptables -P OUTPUT ACCEPT
iptables -F OUTPUT
iptables -P FORWARD DROP
iptables -F FORWARD
iptables -t nat -F
echo "1" > /proc/sys/net/ipv4/ip_forward
echo "0" > /proc/sys/net/ipv4/tcp_ecn
exit
...all my other old rules from this point on
but I still have UDP ports closed.
Iptraf results:
UDP (877 bytes) from 10.0.0.102:sip to my.server.net:sip on eth0 │
ICMP dest unrch (port) (576 bytes) from my.server.net to 10.0.0.102 on et │
I checked with nmap, with the following result:
Starting nmap 3.81 ( http://www.insecure.org/nmap/ ) at 2006-01-04 12:34 CST
Initiating UDP Scan against my.server.net (xxx.xxx.xxx.xxx) [1 port] at 12:34
The UDP Scan took 0.01s to scan 1 total ports.
Host zeus.kinetos.net (xxx.xxx.xxx.xxx) appears to be up ... good.
Interesting ports on zeus.kinetos.net (xxx.xxx.xxx.xxx):
PORT STATE SERVICE
5060/udp closed unknown
Nmap finished: 1 IP address (1 host up) scanned in 0.190 seconds
Raw packets sent: 3 (96B) | Rcvd: 4 (140B)
My iptables -L:
root@zeus:~# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
I'm using Debian sarge.