[CentOS] Strange behaviour of iptables in centos 7

anax

anax at ayni.com
Tue Mar 8 07:35:51 UTC 2016


Hi
strange behaviour of iptables on a centos 7.0 machine:
The following rule is in the iptables of said machine:

[root at myserver ~]# iptables -L -v -n --line-numbers |grep 175\.
9        9   456 DROP       all  --  *      *       175.44.0.0/16        0.0.0.0/0
[root at myserver ~]#

The corresponding entry in /etc/sysconfig/iptables looks like:

[root at myserver ~]# grep 175 /etc/sysconfig/iptables
-A INPUT -s 175.44.0.0/16 -j DROP
[root at myserver ~]#

The rule must have been there for ages, because it has number 9 out of 76 
similar rules.

Today, on the same machine (I rechecked it to make sure not to confound 
machines), I see the following extract of the ftplog:

<snip>
175.44.4.127	2915
175.44.26.128	2021
175.44.26.138	1322
175.44.6.186	1290
175.44.24.88	1219
175.44.4.199	1212
</snip>

saying that from these IP addresses there have been this many connections 
to the ftp server on that machine during the last two days, which means 
that iptables hasn't dropped the connections to the machine. As far 
as I know, the ftp server is behind iptables. I also checked 
man iptables to see whether the IP address is represented correctly.

What am I missing?

thanks in advance

suomi
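The usual reason a DROP rule that is clearly present does not fire is rule order: the kernel walks the INPUT chain top to bottom and stops at the first match, so a DROP at position 9 only sees packets that rules 1 to 8 did not already ACCEPT (a stateful RELATED,ESTABLISHED rule or a plain "allow port 21" rule above it will take the traffic). A DROP counter of 9 packets next to thousands of logged ftp connections is consistent with that. The script below is an added example, not code from the original post: it parses an `iptables -S INPUT` style listing (the sample chain here is constructed, not the poster's actual rule set) and reports which rule a given packet would hit first, so a shadowed rule shows up immediately. The packet dictionary and the rule numbering are my own conventions; the only address taken from the post is 175.44.4.127. One further caveat for CentOS 7: `/etc/sysconfig/iptables` is loaded by iptables-services, while firewalld (the default) keeps its own chains, so the live output of `iptables -L INPUT -v -n --line-numbers` is what counts, not the file.

```python
import ipaddress

# Constructed sample of `iptables -S INPUT` output (assumption: NOT the poster's chain).
# Rule 4 is the DROP for 175.44.0.0/16; rule 2 accepts port 21 before it is reached.
SAMPLE_CHAIN = """
-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
-A INPUT -s 10.0.0.0/8 -j DROP
-A INPUT -s 175.44.0.0/16 -j DROP
"""


def parse_rule(line):
    """Turn one `-A CHAIN ...` line into match criteria plus the jump target.

    Only the options needed for this check are understood: -s, -p, --dport,
    --state and -j. Match-module selectors (-m) are skipped over.
    """
    toks = line.split()
    rule = {"src": None, "proto": None, "dport": None, "states": None, "target": None}
    i = 0
    while i < len(toks):
        t = toks[i]
        if t in ("-A", "-m"):
            i += 2                      # skip chain name / module name
        elif t == "-s":
            rule["src"] = ipaddress.ip_network(toks[i + 1], strict=False); i += 2
        elif t == "-p":
            rule["proto"] = toks[i + 1]; i += 2
        elif t == "--dport":
            rule["dport"] = int(toks[i + 1]); i += 2
        elif t == "--state":
            rule["states"] = set(toks[i + 1].split(",")); i += 2
        elif t == "-j":
            rule["target"] = toks[i + 1]; i += 2
        else:
            i += 1                      # unknown token: ignore
    return rule


def parse_chain(text):
    """Return (chain policy, ordered list of parsed rules) from `iptables -S` output."""
    policy, rules = "ACCEPT", []
    for line in text.strip().splitlines():
        line = line.strip()
        if line.startswith("-P "):
            policy = line.split()[2]
        elif line.startswith("-A "):
            rules.append(parse_rule(line))
    return policy, rules


def matches(rule, pkt):
    """True if every criterion present in the rule matches the packet."""
    if rule["src"] is not None and ipaddress.ip_address(pkt["src"]) not in rule["src"]:
        return False
    if rule["proto"] is not None and rule["proto"] != pkt["proto"]:
        return False
    if rule["dport"] is not None and rule["dport"] != pkt["dport"]:
        return False
    if rule["states"] is not None and pkt["state"] not in rule["states"]:
        return False
    return True


def first_match(chain_text, pkt):
    """Walk the chain like the kernel does: (1-based rule number, verdict) of the
    first matching rule, or (None, policy) if nothing matches."""
    policy, rules = parse_chain(chain_text)
    for n, rule in enumerate(rules, start=1):
        if matches(rule, pkt):
            return n, rule["target"]
    return None, policy


def earlier_matches(chain_text, rule_no, pkt):
    """Rule numbers above rule_no that already match pkt, i.e. the rules
    shadowing rule_no for this kind of packet."""
    _, rules = parse_chain(chain_text)
    return [n for n, r in enumerate(rules[: rule_no - 1], start=1) if matches(r, pkt)]


if __name__ == "__main__":
    # A fresh TCP connection to the ftp control port from one of the logged addresses.
    ftp_syn = {"src": "175.44.4.127", "proto": "tcp", "dport": 21, "state": "NEW"}
    print("ftp SYN hits rule", first_match(SAMPLE_CHAIN, ftp_syn))
    print("rules shadowing the DROP (rule 4):", earlier_matches(SAMPLE_CHAIN, 4, ftp_syn))
    # Same source, a port no earlier rule accepts: the DROP is reached.
    ssh_syn = dict(ftp_syn, dport=22)
    print("ssh SYN hits rule", first_match(SAMPLE_CHAIN, ssh_syn))
```

Run against the real listing, feed the script `iptables -S INPUT` output instead of `SAMPLE_CHAIN` and a packet describing a new connection to port 21; if `first_match` returns an ACCEPT above rule 9, the fix is to move the DROP rules ahead of the ACCEPTs (`iptables -I INPUT 1 -s ... -j DROP`) rather than to rewrite the addresses.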
