On 03/08/2016 08:35 PM, anax wrote:
Hi strange behaviour of iptables on a centos 7.0 machine: The following rule is in the iptables of said machine:
[root@myserver ~]# iptables -L -v -n --line-numbers |grep 175. 9 9 456 DROP all -- * * 175.44.0.0/16 0.0.0.0/0 [root@myserver ~]#
The corresponding enty in /etc/sysconfig/iptables looks like:
[root@myserver ~]# grep 175 /etc/sysconfig/iptables -A INPUT -s 175.44.0.0/16 -j DROP [root@myserver ~]#
The rule must be there since ages, because it has number 9 out of 76 similar rules.
Today, on the same machine (I rechecked it to make sure not to confound machines), I see the following extract of the ftplog:
<snip> 175.44.4.127 2915 175.44.26.128 2021 175.44.26.138 1322 175.44.6.186 1290 175.44.24.88 1219 175.44.4.199 1212 </snip>
saying that from this IP addresse there have been this many connections to the ftp server on that machine during the last two days, which means that the iptables haven't dropped the connection to the machine. As far as I know, the ftp server is behind the iptables. I also checked to see in man iptables, wheather the IP address is represented correctly.
What im I missing?
You mention iptables - but no mention of firewalld - they both use the same kernel mechanism, but it is important that both CANNOT be active! If you configure and use firewalld you can query ># iptables -L and see what is installed, however I have no idea if this exposes the entire set of firewall statements - others that better understand this space, feel free to weigh in. CentOS 7 has firewalld enabled by default, thus the choice to use iptables directly means that firewalld must be disabled. HTH
thanks in advance
suomi _______________________________________________ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos