On 03/08/2016 08:35 PM, anax wrote:
> Hi
> strange behaviour of iptables on a centos 7.0 machine:
> The following rule is in the iptables of said machine:
>
> [root at myserver ~]# iptables -L -v -n --line-numbers |grep 175\.
> 9        9   456 DROP       all  --  *      *       175.44.0.0/16        0.0.0.0/0
> [root at myserver ~]#
>
> The corresponding entry in /etc/sysconfig/iptables looks like:
>
> [root at myserver ~]# grep 175 /etc/sysconfig/iptables
> -A INPUT -s 175.44.0.0/16 -j DROP
> [root at myserver ~]#
>
> The rule must be there since ages, because it has number 9 out of 76
> similar rules.
>
> Today, on the same machine (I rechecked it to make sure not to
> confound machines), I see the following extract of the ftplog:
>
> <snip>
> 175.44.4.127 2915
> 175.44.26.128 2021
> 175.44.26.138 1322
> 175.44.6.186 1290
> 175.44.24.88 1219
> 175.44.4.199 1212
> </snip>
>
> saying that from this IP address there have been this many
> connections to the ftp server on that machine during the last two
> days, which means that the iptables haven't dropped the connection to
> the machine. As far as I know, the ftp server is behind the iptables.
> I also checked to see in man iptables, whether the IP address is
> represented correctly.
>
> What am I missing?
>

You mention iptables - but no mention of firewalld - they both use the
same kernel mechanism, but it is important that both CANNOT be active!

If you configure and use firewalld you can query

# iptables -L

and see what is installed, however I have no idea if this exposes the
entire set of firewall statements - others that better understand this
space, feel free to weigh in.

CentOS 7 has firewalld enabled by default, thus the choice to use
iptables directly means that firewalld must be disabled.

HTH

> thanks in advance
>
> suomi
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos
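A small diagnostic script for the situation discussed in this thread, added here as an example and not code from either poster. It checks the reply's point (firewalld and iptables.service must not both be active) and a second thing a practitioner would verify: iptables stops at the first matching rule, so a DROP that sits behind an ACCEPT covering the same traffic never sees a packet, which is consistent with a DROP rule showing only 9 packets while the ftp log shows thousands of connections. The script assumes a CentOS 7 host with systemctl and the firewalld and iptables units; the `--live` mode, the listing it parses and the matcher's scope (source column plus a `tcp dpt:N` match only) are my assumptions, and the listing below is constructed, modelled on the one in the post.

```shell
#!/bin/sh
# Added diagnostic for the thread above; not code from the list post.
# Assumes a CentOS 7 host with systemctl(1), the firewalld and iptables
# service units, and iptables(8) when run with --live. Offline (default) it
# runs against the constructed listing below. The rule matcher models only
# the source column and a "tcp dpt:N" match, which is enough for the DROP
# rule discussed in the thread; other match extensions are ignored.

# Dotted quad -> 32-bit integer.
ip_to_int() {
    set -- $(printf '%s' "$1" | tr '.' ' ')
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# in_cidr ADDRESS NETWORK: true when ADDRESS lies inside NETWORK
# (NETWORK as printed by iptables: 175.44.0.0/16, 0.0.0.0/0, or a bare host).
in_cidr() {
    case "$2" in
        */*) net=${2%/*}; bits=${2#*/} ;;
        *)   net=$2;      bits=32 ;;
    esac
    if [ "$bits" -eq 0 ]; then
        mask=0
    else
        mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
    fi
    [ $(( $(ip_to_int "$1") & mask )) -eq $(( $(ip_to_int "$net") & mask )) ]
}

# first_match SRC DPORT LISTING: print "num target" of the first rule in an
# "iptables -L INPUT -v -n --line-numbers" listing that matches a packet from
# SRC to tcp port DPORT. iptables stops at the first matching rule, so a
# DROP listed after an ACCEPT that already covers the traffic never fires.
first_match() {
    printf '%s\n' "$3" | while read -r num pkts bytes target prot opt iface_in iface_out src dst extra; do
        case "$num" in ''|Chain|num) continue ;; esac   # skip header lines
        in_cidr "$1" "$src" || continue
        case "$extra" in
            *dpt:*) p=${extra##*dpt:}; p=${p%% *}
                    [ "$p" = "$2" ] || continue ;;
        esac
        echo "$num $target"
        break
    done
}

# firewall_conflict FIREWALLD_STATE IPTABLES_STATE: true when both units
# report "active", the situation the reply warns against.
firewall_conflict() {
    [ "$1" = active ] && [ "$2" = active ]
}

# Constructed listing in the format of iptables -L -v -n --line-numbers:
# an ACCEPT for ftp placed ahead of the DROP from the thread.
SAMPLE_LISTING='Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1    52013 4201K ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:21
2        9   456 DROP       all  --  *      *       175.44.0.0/16        0.0.0.0/0'

if [ "${1:-}" = --live ]; then
    fw=$(systemctl is-active firewalld 2>/dev/null || true)
    ipt=$(systemctl is-active iptables 2>/dev/null || true)
    echo "firewalld=$fw iptables.service=$ipt"
    if firewall_conflict "$fw" "$ipt"; then
        echo "both firewalld and iptables.service are active; only one may manage the rules"
    fi
    listing=$(iptables -L INPUT -v -n --line-numbers)
else
    listing=$SAMPLE_LISTING
fi

# Addresses from the ftp log in the thread: which rule sees their port-21 traffic first?
for src in 175.44.4.127 175.44.26.128; do
    printf '%-15s tcp/21 -> first matching rule: %s\n' "$src" "$(first_match "$src" 21 "$listing")"
done
```

Run it as `sh check-ftp-drop.sh` to see the offline demonstration (both ftp-log addresses land on rule 1, the ACCEPT, and never reach the DROP), or as root with `--live` to query the real service states and the real INPUT chain. A rule whose counters barely move while the service behind it logs traffic is the symptom to look for; the fix is either to run only one of the two managers, as the reply says, or to move the DROP ahead of whatever accepts the traffic.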