[CentOS] Intrusion Attempt Prevension - iptables problems

nate centos at linuxpowered.net
Mon Jan 12 18:47:17 UTC 2009


James B. Byrne wrote:

> Chain RH-Firewall-1-INPUT (2 references)
> num  target     prot opt source               destination
> 1    DROP       all  --  202.14.0.0/24        anywhere
> 2    DROP       all  --  220.232.0.0/24       anywhere

> Jan 12 13:36:02 inet01 sshd[16056]: Received disconnect from
> 220.232.152.137: 11: Bye Bye

> What is wrong with my IPTABLES rules that this connection is permitted?

Seems that your subnet masks are not correct

Try /16 instead of /24 if you really want to block the last two
octets.

nate




More information about the CentOS mailing list