Ståle Skrevet 25. juni 2007 Skrevet 25. juni 2007 Jeg installerte Firestarter pa Debian serveren. Og apnet 80, 21, 22, 5900. Men, plutselig virket ikke internett, eller apt-get lenger. Har installert Firestarter pa Ubuntu ogsa, men da skjedde det ikke noe mer enn som var satt opp bydefault i iptables...tror jeg..
Ståle Skrevet 26. juni 2007 Forfatter Skrevet 26. juni 2007 stale@debian:~$ sudo iptables -nLChain INPUT (policy DROP) target prot opt source destination ACCEPT tcp -- 192.168.2.104 0.0.0.0/0 tcp flags:!0x17/0x02 ACCEPT udp -- 192.168.2.104 0.0.0.0/0 ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 DROP 0 -- 0.0.0.0/0 255.255.255.255 DROP 0 -- 0.0.0.0/0 192.168.2.255 DROP 0 -- 224.0.0.0/8 0.0.0.0/0 DROP 0 -- 0.0.0.0/0 224.0.0.0/8 DROP 0 -- 255.255.255.255 0.0.0.0/0 DROP 0 -- 0.0.0.0/0 0.0.0.0 DROP 0 -- 0.0.0.0/0 0.0.0.0/0 state INVALID LSI 0 -f 0.0.0.0/0 0.0.0.0/0 limit: avg 10/min burst 5 INBOUND 0 -- 0.0.0.0/0 0.0.0.0/0 LOG_FILTER 0 -- 0.0.0.0/0 0.0.0.0/0 LOG 0 -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Unknown Input' Chain FORWARD (policy DROP) target prot opt source destination ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5 LOG_FILTER 0 -- 0.0.0.0/0 0.0.0.0/0 LOG 0 -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Unknown Forward' Chain OUTPUT (policy DROP) target prot opt source destination ACCEPT tcp -- 192.168.2.105 192.168.2.104 tcp dpt:53 ACCEPT udp -- 192.168.2.105 192.168.2.104 udp dpt:53 ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 DROP 0 -- 224.0.0.0/8 0.0.0.0/0 DROP 0 -- 0.0.0.0/0 224.0.0.0/8 DROP 0 -- 255.255.255.255 0.0.0.0/0 DROP 0 -- 0.0.0.0/0 0.0.0.0 DROP 0 -- 0.0.0.0/0 0.0.0.0/0 state INVALID OUTBOUND 0 -- 0.0.0.0/0 0.0.0.0/0 LOG_FILTER 0 -- 0.0.0.0/0 0.0.0.0/0 LOG 0 -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Unknown Output' Chain INBOUND (1 references) target prot opt source destination ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:80 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:443 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:137:139 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:445 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:445 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:22 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5900 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:5900 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:21 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:1000 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:1000 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5901 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:5901 LSI 0 -- 0.0.0.0/0 0.0.0.0/0 Chain LOG_FILTER (5 references) target prot opt source destination Chain LSI (2 references) target prot opt source destination LOG_FILTER 0 -- 0.0.0.0/0 0.0.0.0/0 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 1/sec burst 5 LOG flags 0 level 6 prefix `Inbound ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x04 limit: avg 1/sec burst 5 LOG flags 0 level 6 prefix `Inbound ' DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x04 LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 1/sec burst 5 LOG flags 0 level 6 prefix `Inbound ' DROP icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 LOG 0 -- 0.0.0.0/0 0.0.0.0/0 limit: avg 5/sec burst 5 LOG flags 0 level 6 prefix `Inbound ' DROP 0 -- 0.0.0.0/0 0.0.0.0/0 Chain LSO (10 references) target prot opt source destination LOG_FILTER 0 -- 0.0.0.0/0 0.0.0.0/0 LOG 0 -- 0.0.0.0/0 0.0.0.0/0 limit: avg 5/sec burst 5 LOG flags 0 level 6 prefix `Outbound ' REJECT 0 -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable Chain OUTBOUND (1 references) target prot opt source destination ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED LSO tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 LSO udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:22 LSO tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21 LSO udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:21 LSO tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5900 LSO udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:5900 LSO tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5901 LSO udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:5901 LSO tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 LSO udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:80 ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0
Ståle Skrevet 4. juli 2007 Forfatter Skrevet 4. juli 2007 Ingen? 8983336[/snapback] Litt viktig at bare noen av portene er apen pa serveren, dont you think?
AudunSæther Skrevet 15. juli 2007 Skrevet 15. juli 2007 Flushe alle reglene (altså slette alle reglene), også reinstaller firestarter (evt. gjør det manuelt, http://www.linuxguiden.no/index.php/Netfilter). iptables -F INPUT iptables -F FORWARD iptables -F OUTPUT
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå