LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 11-26-2008, 08:05 AM   #1
Linux Fan
LQ Newbie
 
Registered: Jun 2008
Posts: 29

Rep: Reputation: 15
my port 80 is closed


hi all
I have iptables and I was able to accept the connection to my firewall on port 80>
now I tried to check that port by using this commandand I got the following:

#telnet localhost 80
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
telnet: Unable to connect to remote host: Connection refused


I didn't change any role in my firewall so please how can I reopen this port????
 
Old 11-26-2008, 08:15 AM   #2
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976
well back to basics... is anything actually listening on port 80??
 
Old 11-26-2008, 09:23 AM   #3
rizwanrafique
Member
 
Registered: Jul 2006
Distribution: Debian, Ubuntu, openSUSE, CentOS
Posts: 147

Rep: Reputation: 19
what does iptables -L say?
 
Old 11-27-2008, 12:50 AM   #4
Linux Fan
LQ Newbie
 
Registered: Jun 2008
Posts: 29

Original Poster
Rep: Reputation: 15
h have this role in my iptables:
-A PREROUTING -d 80.227.115.114 -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.1.2.18:8080
and when I tried to do this in explorer http://10.1.2.18:8080 I can make sure that apache is working
but wgen I tried http://80.227.115.114 nothing appear (this ip for my firewall)
for iptable -l:


# Generated by iptables-save v1.3.0 on Mon Jul 28 12:57:10 2008
*mangle
:FORWARD ACCEPT [928229949:722821372790]
:INPUT ACCEPT [3272484:461958983]
:OUTPUT ACCEPT [2460887:348177454]
:POSTROUTING ACCEPT [955347026:723654732741]
:PREROUTING ACCEPT [931635753:723291308482]
COMMIT
# Completed on Mon Jul 28 12:57:10 2008
# Generated by iptables-save v1.3.0 on Mon Jul 28 12:57:10 2008
*nat
:OUTPUT ACCEPT [514612:39871806]
:POSTROUTING ACCEPT [2554560:151041034]
:PREROUTING ACCEPT [4505188:351410789]
-A POSTROUTING -s 10.1.2.0/255.255.255.0 -o eth0 -j MASQUERADE
-A POSTROUTING -s 192.168.1.0/255.255.255.0 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.1.2.18 -d 192.168.1.179 -j MASQUERADE
-A PREROUTING -s 213.42.137.38 -p tcp -m tcp --dport 21 -j DNAT --to-destination 10.1.2.19
-A PREROUTING -s 213.42.135.82 -p tcp -m tcp --dport 22 -j DNAT --to-destination 10.1.2.19
-A PREROUTING -d 80.227.115.115 -p tcp -m tcp --sport 25 -j DNAT --to-destination 192.168.1.70
-A PREROUTING -d 80.227.115.115 -p tcp -m tcp --dport 25 -j DNAT --to-destination 192.168.1.70
-A PREROUTING -d 80.227.115.115 -p tcp -m tcp --dport 143 -j DNAT --to-destination 192.168.1.70
-A PREROUTING -d 80.227.115.115 -i eth0 -p tcp -m tcp --dport 443 -j DNAT --to-destination 192.168.1.70
-A PREROUTING -d 80.227.115.114 -i eth0 -p tcp -m tcp --sport 25 -j DNAT --to-destination 10.1.2.19
-A PREROUTING -d 80.227.115.114 -i eth0 -p tcp -m tcp --dport 25 -j DNAT --to-destination 10.1.2.19
-A PREROUTING -d 80.227.115.114 -p tcp -m tcp --dport 143 -j DNAT --to-destination 10.1.2.19
-A PREROUTING -p tcp -m tcp --dport 22 -j LOG
-A PREROUTING -d 80.227.115.114 -i eth0 -p tcp -m tcp --dport 444 -j DNAT --to-destination 10.1.2.19
-A PREROUTING -d 80.227.115.114 -i eth0 -p tcp -m tcp --dport 443 -j DNAT --to-destination 10.1.2.19
-A PREROUTING -s 213.42.137.33 -p tcp -m tcp --dport 3306 -j DNAT --to-destination 10.1.2.18:3306
-A PREROUTING -d 80.227.115.114 -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.1.2.18:8080
-A PREROUTING -p tcp -m tcp --dport 3382 -j DNAT --to-destination 192.168.1.75:3389
-A PREROUTING -d 80.227.115.114 -i eth0 -p tcp -m tcp --dport 29470 -j DNAT --to-destination 192.168.1.154
-A PREROUTING -s 10.1.2.18 -i eth2 -p tcp -m tcp --dport 3309 -j DNAT --to-destination 213.42.153.152:3306
-A PREROUTING -p tcp -m tcp --dport 2222 -j DNAT --to-destination 10.1.2.18:22
-A PREROUTING -s 192.168.1.105 -i eth1 -p tcp -m tcp --dport 3309 -j DNAT --to-destination 213.42.153.152:3306
-A PREROUTING -p tcp -m tcp --dport 3390 -j DNAT --to-destination 192.168.1.105:3389
COMMIT
# Completed on Mon Jul 28 12:57:10 2008
# Generated by iptables-save v1.3.0 on Mon Jul 28 12:57:10 2008
*filter
:DOWNLOADS - [0:0]
:FORWARD DROP [264014:13015275]
:INPUT ACCEPT [0:0]
:OPERATORS - [0:0]
:OUTPUT ACCEPT [2460887:348177454]
:UPLOADS - [0:0]
:dmz1-dmz2 - [0:0]
:dmz2-dmz1 - [0:0]
-A DOWNLOADS -d 192.168.1.1 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.16 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.36 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.48 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.49 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.51 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.55 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.66 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.67 -i eth0 -j ACCEPT
-A DOWNLOADS -d 10.1.2.0/255.255.255.0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.70 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.74 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.78 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.79 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.81 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.84 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.85 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.86 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.87 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.88 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.89 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.92 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.98 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.99 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.101 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.102 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.103 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.105 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.106 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.107 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.108 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.111 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.112 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.116 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.118 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.119 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.120 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.121 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.122 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.123 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.124 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.125 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.126 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.127 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.128 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.129 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.130 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.75 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.132 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.133 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.134 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.135 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.138 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.141 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.144 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.148 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.149 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.151 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.152 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.153 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.154 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.155 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.157 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.158 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.137 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.159 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.160 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.161 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.162 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.163 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.164 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.165 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.166 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.167 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.168 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.169 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.170 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.171 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.173 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.174 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.177 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.178 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.179 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.180 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.182 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.183 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.184 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.185 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.186 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.187 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.189 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.190 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.192 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.196 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.197 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.198 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.199 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.181 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.82 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.33 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.115 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.29 -i eth0 -j ACCEPT
-A DOWNLOADS -d 192.168.1.100 -i eth0 -j ACCEPT
-A FORWARD -s 192.168.1.55 -j ACCEPT
-A FORWARD -s 192.168.1.75 -j ACCEPT
-A FORWARD -d 208.65.153.238 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -d 208.65.153.253 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -d 8.6.13.62 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -d 193.238.160.62 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -s 192.168.1.72 -p tcp -m tcp --dport 3306 -j OPERATORS
-A FORWARD -d 192.168.1.0/255.255.255.0 -i eth0 -o eth1 -j DOWNLOADS
-A FORWARD -d 216.240.136.65 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -d 66.197.211.182 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -d 66.197.211.181 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -d 66.197.143.166 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -d 66.197.143.165 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -d 208.65.153.253 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -d 208.65.153.251 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -d 72.32.103.177 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -d 208.65.153.241 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -d 208.65.153.245 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -d 208.65.153.242 -j REJECT --reject-with icmp-port-unreachable
-A FORWARD -s 213.42.135.82 -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth2 -j dmz1-dmz2
-A FORWARD -i eth2 -o eth1 -j dmz2-dmz1
-A FORWARD -s 192.168.1.42 -p tcp -m tcp --dport 3306 -j OPERATORS
-A FORWARD -i eth1 -o eth0 -j UPLOADS
-A FORWARD -i eth2 -o eth0 -j UPLOADS
-A FORWARD -i eth0 -o eth2 -j DOWNLOADS
-A FORWARD -s 192.168.1.72 -d 217.148.178.36 -p tcp -m tcp --dport 80 -j OPERATORS
-A FORWARD -s 192.168.1.5 -p tcp -m tcp --dport 3306 -j OPERATORS
-A FORWARD -s 192.168.1.54 -p tcp -m tcp --dport 3306 -j OPERATORS
-A FORWARD -s 192.168.1.80 -d 213.42.137.38 -p tcp -m tcp --dport 80 -j OPERATORS
-A FORWARD -s 192.168.1.80 -p tcp -m tcp --dport 3306 -j OPERATORS
-A FORWARD -s 192.168.1.100 -p tcp -m tcp --dport 3306 -j OPERATORS
-A INPUT -i eth0 -p tcp -m tcp --dport 53 -j ACCEPT
-A INPUT -i eth0 -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth1 -j ACCEPT
-A INPUT -i eth2 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j DROP
-A OPERATORS -j ACCEPT
-A UPLOADS -s 192.168.1.1 -o eth0 -m mac --mac-source 00:08:02:F1:17:47 -j ACCEPT
-A UPLOADS -s 192.168.1.16 -o eth0 -m mac --mac-source 00:06:5B:DE:12:17 -j ACCEPT
-A UPLOADS -s 192.168.1.36 -o eth0 -m mac --mac-source 00:30:05:16:F2:A0 -j ACCEPT
-A UPLOADS -s 192.168.1.48 -o eth0 -m mac --mac-source 00:02:55:1A:96:CA -j ACCEPT
-A UPLOADS -s 192.168.1.49 -o eth0 -m mac --mac-source 00:30:05:16:F1:82 -j ACCEPT
-A UPLOADS -s 192.168.1.51 -o eth0 -m mac --mac-source 00:30:48:71:05:66 -j ACCEPT
-A UPLOADS -s 192.168.1.55 -o eth0 -m mac --mac-source 00:E0:81:62:4B:CE -j ACCEPT
-A UPLOADS -s 192.168.1.66 -o eth0 -m mac --mac-source 00:30:65:5A:4A:D6 -j ACCEPT
-A UPLOADS -s 192.168.1.67 -o eth0 -m mac --mac-source 00:03:93:4B:B0:20 -j ACCEPT
-A UPLOADS -s 10.1.2.0/255.255.255.0 -j ACCEPT
-A UPLOADS -s 192.168.1.70 -o eth0 -m mac --mac-source 00:50:8B:DC:D7:63 -j ACCEPT
-A UPLOADS -s 192.168.1.74 -o eth0 -m mac --mac-source 00:14:C2:06:9F:6B -j ACCEPT
-A UPLOADS -s 192.168.1.78 -o eth0 -m mac --mac-source 00:30:05:16:F1:73 -j ACCEPT
-A UPLOADS -s 192.168.1.79 -o eth0 -m mac --mac-source 00:12:17:70:F7:72 -j ACCEPT
-A UPLOADS -s 192.168.1.81 -o eth0 -m mac --mac-source 00:13:20:A9:BD:AF -j ACCEPT
-A UPLOADS -s 192.168.1.84 -o eth0 -m mac --mac-source 00:0B:DB:A4:54:0A -j ACCEPT
-A UPLOADS -s 192.168.1.85 -o eth0 -m mac --mac-source 00:13:20:A9:C6:BB -j ACCEPT
-A UPLOADS -s 192.168.1.86 -o eth0 -m mac --mac-source 00:13:20:49:15:1F -j ACCEPT
-A UPLOADS -s 192.168.1.87 -o eth0 -m mac --mac-source 00:11:24:3F:2B:66 -j ACCEPT
-A UPLOADS -s 192.168.1.88 -o eth0 -m mac --mac-source 00:0D:93:65:54:76 -j ACCEPT
-A UPLOADS -s 192.168.1.89 -o eth0 -m mac --mac-source 00:11:24:3F:3E:CA -j ACCEPT
-A UPLOADS -s 192.168.1.92 -o eth0 -m mac --mac-source 00:0D:61:6F:14:F9 -j ACCEPT
-A UPLOADS -s 192.168.1.98 -o eth0 -m mac --mac-source 00:16:6F:53:53:33 -j ACCEPT
-A UPLOADS -s 192.168.1.99 -o eth0 -m mac --mac-source 00:16:35:AB:73:8B -j ACCEPT
-A UPLOADS -s 192.168.1.101 -o eth0 -m mac --mac-source 00:16:35:AB:61:4A -j ACCEPT
-A UPLOADS -s 192.168.1.102 -o eth0 -m mac --mac-source 00:16:35:AB:61:7A -j ACCEPT
-A UPLOADS -s 192.168.1.103 -o eth0 -m mac --mac-source 00:0B:CD:93:72:25 -j ACCEPT
-A UPLOADS -s 192.168.1.105 -o eth0 -m mac --mac-source 00:16:35:AB:70:5A -j ACCEPT
-A UPLOADS -s 192.168.1.106 -o eth0 -m mac --mac-source 00:16:35:AB:71:4A -j ACCEPT
-A UPLOADS -s 192.168.1.107 -o eth0 -m mac --mac-source 00:0C:F1:0E:B0:81 -j ACCEPT
-A UPLOADS -s 192.168.1.108 -o eth0 -m mac --mac-source 00:0D:9D:5D:18:68 -j ACCEPT
-A UPLOADS -s 192.168.1.111 -o eth0 -m mac --mac-source 00:13:02:0E:03:4E -j ACCEPT
-A UPLOADS -s 192.168.1.112 -o eth0 -m mac --mac-source 00:16:CF:5B:31:46 -j ACCEPT
-A UPLOADS -s 192.168.1.116 -o eth0 -m mac --mac-source 00:50:8B:FA:8D:69 -j ACCEPT
-A UPLOADS -s 192.168.1.118 -o eth0 -m mac --mac-source 00:11:24:A8:86:B1 -j ACCEPT
-A UPLOADS -s 192.168.1.119 -o eth0 -m mac --mac-source 00:30:05:27:43:A4 -j ACCEPT
-A UPLOADS -s 192.168.1.120 -o eth0 -m mac --mac-source 00:13:02:69:D2:37 -j ACCEPT
-A UPLOADS -s 192.168.1.121 -o eth0 -m mac --mac-source 00:C0:9F:83:99:F0 -j ACCEPT
-A UPLOADS -s 192.168.1.122 -o eth0 -m mac --mac-source 00:0F:66:AF:38:B0 -j ACCEPT
-A UPLOADS -s 192.168.1.123 -o eth0 -m mac --mac-source 00:13:CE:EB:60:65 -j ACCEPT
-A UPLOADS -s 192.168.1.124 -o eth0 -m mac --mac-source 00:17:31:8A:21:82 -j ACCEPT
-A UPLOADS -s 192.168.1.125 -o eth0 -m mac --mac-source 00:1A:73:24:4F:93 -j ACCEPT
-A UPLOADS -s 192.168.1.126 -o eth0 -m mac --mac-source 00:16:D3:02:29:0D -j ACCEPT
-A UPLOADS -s 192.168.1.127 -o eth0 -m mac --mac-source 00:14:51:2E:DA:7A -j ACCEPT
-A UPLOADS -s 192.168.1.128 -o eth0 -m mac --mac-source 00:19:E3:00:69:66 -j ACCEPT
-A UPLOADS -s 192.168.1.129 -o eth0 -m mac --mac-source 00:16:D3:09:7B:17 -j ACCEPT
-A UPLOADS -s 192.168.1.130 -o eth0 -m mac --mac-source 00:18:DE:A7:FF:C4 -j ACCEPT
-A UPLOADS -s 192.168.1.75 -o eth0 -m mac --mac-source 00:15:60:52:1B:84 -j ACCEPT
-A UPLOADS -s 192.168.1.132 -o eth0 -m mac --mac-source 00:13:02:97:39:CF -j ACCEPT
-A UPLOADS -s 192.168.1.133 -o eth0 -m mac --mac-source 00:0B:6B:4C:37:2E -j ACCEPT
-A UPLOADS -s 192.168.1.134 -o eth0 -m mac --mac-source 00:30:05:16:F2:A1 -j ACCEPT
-A UPLOADS -s 192.168.1.135 -o eth0 -m mac --mac-source 00:02:3F:11:42:DC -j ACCEPT
-A UPLOADS -s 192.168.1.138 -o eth0 -m mac --mac-source 00:C0:9F:FE:58:3D -j ACCEPT
-A UPLOADS -s 192.168.1.141 -o eth0 -m mac --mac-source 00:16:36:9C:7A:3B -j ACCEPT
-A UPLOADS -s 192.168.1.144 -o eth0 -m mac --mac-source 00:08:74:04:4D:7E -j ACCEPT
-A UPLOADS -s 192.168.1.148 -o eth0 -m mac --mac-source 00:18:DE:32:F2:CA -j ACCEPT
-A UPLOADS -s 192.168.1.149 -o eth0 -m mac --mac-source 00:18:DE:1A:FC:1E -j ACCEPT
-A UPLOADS -s 192.168.1.153 -o eth0 -m mac --mac-source 00:18:DE:C6:21:26 -j ACCEPT
-A UPLOADS -s 192.168.1.154 -o eth0 -m mac --mac-source 00:1A:73:56:63:C3 -j ACCEPT
-A UPLOADS -s 192.168.1.155 -o eth0 -m mac --mac-source 00:1B:24:53:81:80 -j ACCEPT
-A UPLOADS -s 192.168.1.157 -o eth0 -m mac --mac-source 00:1B:24:4A:3A:52 -j ACCEPT
-A UPLOADS -s 192.168.1.158 -o eth0 -m mac --mac-source 00:1A:73:56:73:5B -j ACCEPT
-A UPLOADS -s 192.168.1.137 -o eth0 -m mac --mac-source 00:18:DE:47:34:8D -j ACCEPT
-A UPLOADS -s 192.168.1.151 -o eth0 -m mac --mac-source 00:16:36:A3:83:DB -j ACCEPT
-A UPLOADS -s 192.168.1.152 -o eth0 -m mac --mac-source 00:17:31:8A:16:D4 -j ACCEPT
-A UPLOADS -s 192.168.1.159 -o eth0 -m mac --mac-source 00:17:F2:C6:B1:7E -j ACCEPT
-A UPLOADS -s 192.168.1.160 -o eth0 -m mac --mac-source 00:02:44:A4:28:B8 -j ACCEPT
-A UPLOADS -s 192.168.1.161 -o eth0 -m mac --mac-source 00:E0:81:54:64:87 -j ACCEPT
-A UPLOADS -s 192.168.1.162 -o eth0 -m mac --mac-source 00:E0:81:54:87:CD -j ACCEPT
-A UPLOADS -s 192.168.1.163 -o eth0 -m mac --mac-source 00:0C:F1:09:F2:96 -j ACCEPT
-A UPLOADS -s 192.168.1.164 -o eth0 -m mac --mac-source 00:16:6F:28:83:D3 -j ACCEPT
-A UPLOADS -s 192.168.1.165 -o eth0 -m mac --mac-source 00:12:F0:04:3A:3A -j ACCEPT
-A UPLOADS -s 192.168.1.166 -o eth0 -m mac --mac-source 00:06:5B:F1:40:49 -j ACCEPT
-A UPLOADS -s 192.168.1.167 -o eth0 -m mac --mac-source 00:1A:73:24:4F:93 -j ACCEPT
-A UPLOADS -s 192.168.1.168 -o eth0 -m mac --mac-source 00:1B:24:86:7F:F9 -j ACCEPT
-A UPLOADS -s 192.168.1.169 -o eth0 -m mac --mac-source 00:1B:77:9F:57:4F -j ACCEPT
-A UPLOADS -s 192.168.1.170 -o eth0 -m mac --mac-source 00:19:D2:DC:F5:77 -j ACCEPT
-A UPLOADS -s 192.168.1.171 -o eth0 -m mac --mac-source 00:19:66:14:1C:E3 -j ACCEPT
-A UPLOADS -s 192.168.1.173 -o eth0 -m mac --mac-source 00:16:36:10:59:2E -j ACCEPT
-A UPLOADS -s 192.168.1.174 -o eth0 -m mac --mac-source 00:1B:77:BC:7C:9A -j ACCEPT
-A UPLOADS -s 192.168.1.177 -o eth0 -m mac --mac-source 00:1D:09:07:3F:EC -j ACCEPT
-A UPLOADS -s 192.168.1.178 -o eth0 -m mac --mac-source 00:1A:73:30:B5:18 -j ACCEPT
-A UPLOADS -s 192.168.1.179 -o eth0 -m mac --mac-source 00:0B:6B:4C:37:2E -j ACCEPT
-A UPLOADS -s 192.168.1.180 -o eth0 -m mac --mac-source 00:15:00:45:A5:80 -j ACCEPT
-A UPLOADS -s 192.168.1.182 -o eth0 -m mac --mac-source 00:13:CE:B2:06:79 -j ACCEPT
-A UPLOADS -s 192.168.1.183 -o eth0 -m mac --mac-source 00:FF:6E:67:53:0A -j ACCEPT
-A UPLOADS -s 192.168.1.184 -o eth0 -m mac --mac-source 00:1B:77:89:D1:7F -j ACCEPT
-A UPLOADS -s 192.168.1.185 -o eth0 -m mac --mac-source 00:16:36:F5:C2:48 -j ACCEPT
-A UPLOADS -s 192.168.1.186 -o eth0 -m mac --mac-source 00:17:31:8A:1F:87 -j ACCEPT
-A UPLOADS -s 192.168.1.187 -o eth0 -m mac --mac-source 00:FF:23:1E:D3:F0 -j ACCEPT
-A UPLOADS -s 192.168.1.189 -o eth0 -m mac --mac-source 00:13:E8:B8:90:1B -j ACCEPT
-A UPLOADS -s 192.168.1.190 -o eth0 -m mac --mac-source 00:1B:24:98:D6:FF -j ACCEPT
-A UPLOADS -s 192.168.1.192 -o eth0 -m mac --mac-source 00:1C:BF:BE:2F:F2 -j ACCEPT
-A UPLOADS -s 192.168.1.196 -o eth0 -m mac --mac-source 00:16:CB:08:0B:DB -j ACCEPT
-A UPLOADS -s 192.168.1.197 -o eth0 -m mac --mac-source 00:0E:35:EF:18:92 -j ACCEPT
-A UPLOADS -s 192.168.1.198 -o eth0 -m mac --mac-source 00:14:A4:3A:6E:58 -j ACCEPT
-A UPLOADS -s 192.168.1.199 -o eth0 -m mac --mac-source 00:1F:3C:04:35:78 -j ACCEPT
-A UPLOADS -s 192.168.1.181 -o eth0 -m mac --mac-source 00:0A:E4:DC:CA:FB -j ACCEPT
-A UPLOADS -s 192.168.1.82 -o eth0 -m mac --mac-source 00:13:20:49:14:37 -j ACCEPT
-A UPLOADS -s 192.168.1.33 -o eth0 -m mac --mac-source 00:30:05:27:44:EA -j ACCEPT
-A UPLOADS -s 192.168.1.115 -o eth0 -m mac --mac-source 00:17:F2:C7:59:CA -j ACCEPT
-A UPLOADS -s 192.168.1.29 -o eth0 -m mac --mac-source 00:0D:9D:CF:88:71 -j ACCEPT
-A UPLOADS -s 192.168.1.100 -o eth0 -m mac --mac-source 00:16:35:AB:62:6C -j ACCEPT
-A dmz1-dmz2 -j ACCEPT
-A dmz2-dmz1 -j ACCEPT
COMMIT
# Completed on Mon Jul 28 12:57:10 2008

Last edited by Linux Fan; 11-27-2008 at 01:14 AM.
 
Old 11-27-2008, 02:29 AM   #5
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976
OK, I'll say it again...
Quote:
Originally Posted by acid_kewpie View Post
well back to basics... is anything actually listening on port 80??
 
Old 11-27-2008, 03:32 AM   #6
Linux Fan
LQ Newbie
 
Registered: Jun 2008
Posts: 29

Original Poster
Rep: Reputation: 15
Quote:
Originally Posted by acid_kewpie View Post
OK, I'll say it again...
actually any connection comes to port 80 I forwarded it to another server
-A PREROUTING -d 80.227.115.114 -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.1.2.18:8080
 
Old 11-27-2008, 05:47 AM   #7
acid_kewpie
Moderator
 
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417

Rep: Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976Reputation: 1976
well you're telneting to lo not eth0, so that won't apply
 
Old 11-27-2008, 07:09 AM   #8
Linux Fan
LQ Newbie
 
Registered: Jun 2008
Posts: 29

Original Poster
Rep: Reputation: 15
I got the idea
thank you guys the problem has been solved
i tried to log to that port from one of our server out side the network
it worked

Last edited by Linux Fan; 11-27-2008 at 08:15 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Port Scan: Closed Port instead of Stealth unihiekka Linux - Security 9 12-26-2005 09:51 PM
port 25 is closed? abd_bela Red Hat 3 04-12-2005 04:58 PM
is the 25 port closed abd_bela Linux - Networking 5 08-18-2004 09:27 AM
Port 25 Closed karuna Linux - Newbie 0 03-02-2004 03:17 PM
firewall.rc.config says :"open port 8080" but nmap says port is closed saavik Linux - Security 2 02-14-2002 01:16 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:09 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration