Linux - Newbie This Linux forum is for members that are new to Linux.
Notices
Welcome to
LinuxQuestions.org , a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free.
Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please
contact us . If you need to reset your password,
click here .
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a
virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month.
Click here for more info.
#1
LQ Newbie
Registered: Oct 2009
Posts: 4
Rep:
can't ssh from external IP 2 Ethernal cards
Hi,
#2
Senior Member
Registered: Mar 2004
Location: UK
Distribution: CentOS 6/7
Posts: 1,375
Perhaps trying setting the listenaddress in /etc/ssh/sshd_config to the external ip so it only listens to the external ip address. Not sure why you are seeing this behaviour at all.
#3
Member
Registered: Nov 2005
Distribution: Raspbian, Debian, Ubuntu
Posts: 380
Rep:
With both interfaces up, can you ping the external IP address from where the ssh is failing?
#4
LQ Newbie
Registered: Oct 2009
Posts: 4
Original Poster
Rep:
Yes, I can
#5
Member
Registered: Nov 2005
Location: Turkey
Distribution: Suse
Posts: 104
Rep:
May be due to the firewall, which distro are you using?
#6
LQ Newbie
Registered: Oct 2009
Posts: 4
Original Poster
Rep:
CentOS release 5.3 (Final). Do you the thing is because of Centos?
#7
Senior Member
Registered: Mar 2004
Location: UK
Distribution: CentOS 6/7
Posts: 1,375
It's unlikely to be related to CentOS as CentOS generally can handle that kind of thing fairly easily. Can you copy and paste (into code tags) the output of the following command.
#8
Senior Member
Registered: Apr 2008
Location: Gurgaon, India
Distribution: Cent OS 6/7
Posts: 4,631
Rep:
I have a similar setup on CentOS (same version) and still no issues. I can ssh from outside on the internet as well as from the intranet.
#9
LQ Newbie
Registered: Oct 2009
Posts: 4
Original Poster
Rep:
That's all i have
Code:
Chain INPUT (policy ACCEPT 3 packets, 806 bytes)
pkts bytes target prot opt in out source destination
2257 282K ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 1.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 2.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 112.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 113.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 114.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 115.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 173.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 174.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 175.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 176.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 177.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 178.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 179.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 180.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 181.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 182.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 183.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 184.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 185.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 186.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 187.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 197.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 223.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 240.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 241.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 242.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 243.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 244.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 245.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 246.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 247.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 248.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 249.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 250.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 250.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 251.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 252.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 253.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 254.0.0.0/8 0.0.0.0/0
0 0 DROP all -- * * 255.0.0.0/8 0.0.0.0/0
846 111K TMP_DROP all -- * * 0.0.0.0/0 0.0.0.0/0
846 111K TALLOW all -- * * 0.0.0.0/0 0.0.0.0/0
846 111K TDENY all -- * * 0.0.0.0/0 0.0.0.0/0
846 111K TGALLOW all -- * * 0.0.0.0/0 0.0.0.0/0
846 111K TGDENY all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:135:139
3 687 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:135:139
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:111
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:111
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:513
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:513
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:520
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:520
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:445
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1433
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1433
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1434
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1434
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1234
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1234
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1524
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1524
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3127
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:3127
842 110K IN_SANITY all -- * * 0.0.0.0/0 0.0.0.0/0
842 110K FRAG_UDP all -- * * 0.0.0.0/0 0.0.0.0/0
842 110K PZERO all -- * * 0.0.0.0/0 0.0.0.0/0
842 110K P2P all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:69
539 78819 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5060
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5065
245 13572 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5918
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6600
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:10000:20000
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:69
21 11840 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:5060
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:10000:20000
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 limit: avg 30/sec burst 5
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 5 limit: avg 30/sec burst 5
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11 limit: avg 30/sec burst 5
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 0 limit: avg 30/sec burst 5
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 30 limit: avg 30/sec burst 5
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 30/sec burst 5
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
31 4416 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 194.204.152.34 0.0.0.0/0 udp spt:53 dpts:1023:65535
0 0 ACCEPT tcp -- * * 194.204.152.34 0.0.0.0/0 tcp spt:53 dpts:1023:65535
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:53 dpts:1023:65535
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53 dpts:1023:65535
0 0 ACCEPT udp -- * * 194.204.159.1 0.0.0.0/0 udp spt:53 dpts:1023:65535
0 0 ACCEPT tcp -- * * 194.204.159.1 0.0.0.0/0 tcp spt:53 dpts:1023:65535
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:53 dpts:1023:65535
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53 dpts:1023:65535
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1023:65535 dpt:21 state RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20 state RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20 state RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:5918 dpts:513:65535 state RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65535 dpt:5918 flags:0x17/0x02 state RELATED,ESTABL
ISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:5918 state ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpts:33434:33534
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0
6 1731 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 4 packets, 1110 bytes)
pkts bytes target prot opt in out source destination
2257 282K ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
93 4464 TCPMSS tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU
0 0 DROP all -- * * 0.0.0.0/0 1.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 2.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 5.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 23.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 27.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 31.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 36.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 37.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 39.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 42.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 46.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 94.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 95.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 100.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 101.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 102.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 103.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 104.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 105.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 106.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 107.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 108.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 109.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 110.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 111.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 112.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 113.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 114.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 115.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 173.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 174.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 175.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 176.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 177.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 178.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 179.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 180.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 181.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 182.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 183.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 184.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 185.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 186.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 187.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 197.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 223.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 240.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 241.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 242.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 243.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 244.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 245.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 246.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 247.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 248.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 249.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 250.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 251.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 252.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 253.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 254.0.0.0/8
0 0 DROP all -- * * 0.0.0.0/0 255.0.0.0/8
1029 480K TMP_DROP all -- * * 0.0.0.0/0 0.0.0.0/0
1029 480K TALLOW all -- * * 0.0.0.0/0 0.0.0.0/0
1029 480K TDENY all -- * * 0.0.0.0/0 0.0.0.0/0
1029 480K TGALLOW all -- * * 0.0.0.0/0 0.0.0.0/0
1029 480K TGDENY all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:135:139
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:135:139
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:111
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:111
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:513
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:513
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:520
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:520
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:445
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1433
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1433
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1434
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1434
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1234
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1234
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1524
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1524
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3127
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:3127
1027 480K OUT_SANITY all -- * * 0.0.0.0/0 0.0.0.0/0
1027 480K FRAG_UDP all -- * * 0.0.0.0/0 0.0.0.0/0
1027 480K PZERO all -- * * 0.0.0.0/0 0.0.0.0/0
1027 480K P2P all -- * * 0.0.0.0/0 0.0.0.0/0
965 465K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:1024:65535 state RELATED,ESTABLISHED
14 7839 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:1024:65535 state RELATED,ESTABLISHED
19 1258 ACCEPT udp -- * * 0.0.0.0/0 194.204.152.34 udp spts:1023:65535 dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 194.204.152.34 tcp spts:1023:65535 dpt:53
0 0 ACCEPT udp -- * * 0.0.0.0/0 194.204.152.34 udp spts:1023:65535 dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 194.204.152.34 tcp spts:1023:65535 dpt:53
0 0 ACCEPT udp -- * * 0.0.0.0/0 194.204.159.1 udp spts:1023:65535 dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 194.204.159.1 tcp spts:1023:65535 dpt:53
0 0 ACCEPT udp -- * * 0.0.0.0/0 194.204.159.1 udp spts:1023:65535 dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 194.204.159.1 tcp spts:1023:65535 dpt:53
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:21 dpts:1023:65535 state RELATED,ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20 state RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20 state RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state NEW udp dpts:33434:33534
29 6007 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FRAG_UDP (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP udp -f * * 0.0.0.0/0 0.0.0.0/0
Chain IN_SANITY (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x37
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x01
Chain P2P (2 references)
pkts bytes target prot opt in out source destination
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:1214 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:1214 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:1214 reject-with icmp-port-unreachable
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:1214 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:2323 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:2323 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:2323 reject-with icmp-port-unreachable
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:2323 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65534 dpts:4660:4678 reject-with icmp-port-unreacha
ble
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:4660:4678 dpts:1024:65534 reject-with icmp-port-unreacha
ble
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpts:4660:4678 reject-with icmp-port-unreacha
ble
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:4660:4678 dpts:1024:65534 reject-with icmp-port-unreacha
ble
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6257 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:6257 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:6257 reject-with icmp-port-unreachable
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:6257 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6699 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:6699 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:6699 reject-with icmp-port-unreachable
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:6699 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6346 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:6346 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:6346 reject-with icmp-port-unreachable
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:6346 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6347 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:6347 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:6347 reject-with icmp-port-unreachable
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:6347 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:1024:65534 dpts:6881:6889 reject-with icmp-port-unreacha
ble
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spts:6881:6889 dpts:1024:65534 reject-with icmp-port-unreacha
ble
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpts:6881:6889 reject-with icmp-port-unreacha
ble
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:6881:6889 dpts:1024:65534 reject-with icmp-port-unreacha
ble
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:6346 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:6346 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:6346 reject-with icmp-port-unreachable
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:6346 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:7778 reject-with icmp-port-unreachable
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:7778 dpts:1024:65534 reject-with icmp-port-unreachable
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spts:1024:65534 dpt:7778 reject-with icmp-port-unreachable
0 0 REJECT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:7778 dpts:1024:65534 reject-with icmp-port-unreachable
Chain PROHIBIT (0 references)
pkts bytes target prot opt in out source destination
0 0 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
Chain PZERO (2 references)
pkts bytes target prot opt in out source destination
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:0
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:0
0 0 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:0
0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:0
Chain RESET (0 references)
pkts bytes target prot opt in out source destination
0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset
Chain TALLOW (2 references)
pkts bytes target prot opt in out source destination
Chain TDENY (2 references)
pkts bytes target prot opt in out source destination
Chain TGALLOW (2 references)
pkts bytes target prot opt in out source destination
Chain TGDENY (2 references)
pkts bytes target prot opt in out source destination
Chain TMP_DROP (2 references)
#10
Senior Member
Registered: Apr 2008
Location: Gurgaon, India
Distribution: Cent OS 6/7
Posts: 4,631
Rep:
Isnt it a better policy to default it to DROP and accept only those you want? Though it doesnt it seem to deny the connections, you can explicitly mention the rules to accept the connections from where you want. Also you could check the tcpwrappers as well.
All times are GMT -5. The time now is 05:16 PM .
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know .
