[CentOS] iptables question
John R Pierce
pierce at hogranch.com
Mon Jun 16 22:11:21 UTC 2014
On 6/16/2014 2:58 PM, Chuck Campbell wrote:
> Chain INPUT (policy ACCEPT)
> target prot opt source destination
> fail2ban-VSFTPD tcp -- anywhere anywhere tcp dpt:ftp
> fail2ban-SSH tcp -- anywhere anywhere tcp dpt:ssh
> RH-Firewall-1-INPUT all -- anywhere anywhere
> DROP all -- 116.10.191.0/24 anywhere
> DROP all -- 183.136.220.0/24 anywhere
> DROP all -- 183.136.221.0/24 anywhere
> DROP all -- 183.136.222.0/24 anywhere
> DROP all -- 183.136.223.0/24 anywhere
> DROP all -- 122.224.11.0/24 anywhere
> DROP all -- 219.138.0.0/16 anywhere
>
> ...
>
> Chain RH-Firewall-1-INPUT (2 references)
> target prot opt source destination
> ACCEPT all -- anywhere anywhere
> ACCEPT icmp -- anywhere anywhere icmp any
> ACCEPT esp -- anywhere anywhere
> .
> .
> .
>
> Yet in my logwatch emails, I see this, long after the iptables rules are in
> place to drop some ip ranges:
RH-Firewall-1-INPUT is being invoked prior to your DROP rules, and is
ACCEPTing all packets.
--
john r pierce 37N 122W
somewhere on the middle of the left coast
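
The ordering problem described in the reply, as an added example that is not part of the original thread: a Python check over plain `iptables -L` text that reports DROP rules placed after a jump to a chain holding a catch-all ACCEPT. The function names are this example's own, and the sample is the quoted listing with its elided parts and some repeated rules left out.

```python
# Added example (not from the thread): find DROP/REJECT rules in a chain that
# sit behind an earlier catch-all ACCEPT. SAMPLE is cut down from the quoted listing.
SAMPLE = """\
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-VSFTPD tcp -- anywhere anywhere tcp dpt:ftp
RH-Firewall-1-INPUT all -- anywhere anywhere
DROP all -- 116.10.191.0/24 anywhere
DROP all -- 219.138.0.0/16 anywhere

Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
"""
ANY = ("anywhere", "0.0.0.0/0")  # how -L and -L -n print an unrestricted address

def parse_listing(text):
    """Return {chain: [(target, prot, source, dest, extra), ...]} in rule order."""
    chains, current = {}, None
    for line in text.splitlines():
        f = line.split()
        if not f or f[0] == "target":      # blank line or column header
            continue
        if f[0] == "Chain":
            current = chains.setdefault(f[1], [])
        elif current is not None and len(f) >= 5:
            current.append((f[0], f[1], f[3], f[4], " ".join(f[5:])))
    return chains

def is_catch_all(rule):
    return rule[1] == "all" and rule[2] in ANY and rule[3] in ANY and not rule[4]

def shadowed_drops(chains, chain="INPUT"):
    """Return (position, source, reason) for each DROP/REJECT that is never reached."""
    found, shadow = [], None
    for pos, rule in enumerate(chains.get(chain, []), start=1):
        target = rule[0]
        if target in ("DROP", "REJECT") and shadow:
            found.append((pos, rule[2], shadow))
        elif shadow is None and is_catch_all(rule):
            if target == "ACCEPT":
                shadow = f"{chain} rule {pos}"
            elif any(r[0] == "ACCEPT" and is_catch_all(r) for r in chains.get(target, [])):
                shadow = f"{target} (jumped to at {chain} rule {pos})"
    return found

if __name__ == "__main__":
    print(*shadowed_drops(parse_listing(SAMPLE)), sep="\n")
```

Plain `iptables -L` output omits the interface columns, so a rule this check treats as catch-all may be limited to one interface such as `lo`; confirm with `iptables -L -n -v` before acting on a result.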