Brannmuren i Debian har blokket alt.

Ståle · 25. juni 2007

Jeg installerte Firestarter pa Debian serveren. Og apnet 80, 21, 22, 5900. Men, plutselig virket ikke internett, eller apt-get lenger.

Har installert Firestarter pa Ubuntu ogsa, men da skjedde det ikke noe mer enn som var satt opp bydefault i iptables...tror jeg..

Palme · 26. juni 2007

hva sier iptables -nL

Ståle · 26. juni 2007

stale@debian:~$ sudo iptables -nL
Chain INPUT (policy DROP)

target prot opt source destination

ACCEPT tcp -- 192.168.2.104 0.0.0.0/0 tcp flags:!0x17/0x02

ACCEPT udp -- 192.168.2.104 0.0.0.0/0

ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0

ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5

DROP 0 -- 0.0.0.0/0 255.255.255.255

DROP 0 -- 0.0.0.0/0 192.168.2.255

DROP 0 -- 224.0.0.0/8 0.0.0.0/0

DROP 0 -- 0.0.0.0/0 224.0.0.0/8

DROP 0 -- 255.255.255.255 0.0.0.0/0

DROP 0 -- 0.0.0.0/0 0.0.0.0

DROP 0 -- 0.0.0.0/0 0.0.0.0/0 state INVALID

LSI 0 -f 0.0.0.0/0 0.0.0.0/0 limit: avg 10/min burst 5

INBOUND 0 -- 0.0.0.0/0 0.0.0.0/0

LOG_FILTER 0 -- 0.0.0.0/0 0.0.0.0/0

LOG 0 -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Unknown Input'

Chain FORWARD (policy DROP)

target prot opt source destination

ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 limit: avg 10/sec burst 5

LOG_FILTER 0 -- 0.0.0.0/0 0.0.0.0/0

LOG 0 -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Unknown Forward'

Chain OUTPUT (policy DROP)

target prot opt source destination

ACCEPT tcp -- 192.168.2.105 192.168.2.104 tcp dpt:53

ACCEPT udp -- 192.168.2.105 192.168.2.104 udp dpt:53

ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0

DROP 0 -- 224.0.0.0/8 0.0.0.0/0

DROP 0 -- 0.0.0.0/0 224.0.0.0/8

DROP 0 -- 255.255.255.255 0.0.0.0/0

DROP 0 -- 0.0.0.0/0 0.0.0.0

DROP 0 -- 0.0.0.0/0 0.0.0.0/0 state INVALID

OUTBOUND 0 -- 0.0.0.0/0 0.0.0.0/0

LOG_FILTER 0 -- 0.0.0.0/0 0.0.0.0/0

LOG 0 -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 6 prefix `Unknown Output'

Chain INBOUND (1 references)

target prot opt source destination

ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED

ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED

ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80

ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:80

ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:443

ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:443

ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpts:137:139

ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpts:137:139

ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:445

ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:445

ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22

ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:22

ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5900

ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:5900

ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21

ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:21

ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:1000

ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:1000

ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5901

ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:5901

LSI 0 -- 0.0.0.0/0 0.0.0.0/0

Chain LOG_FILTER (5 references)

target prot opt source destination

Chain LSI (2 references)

target prot opt source destination

LOG_FILTER 0 -- 0.0.0.0/0 0.0.0.0/0

LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 1/sec burst 5 LOG flags 0 level 6 prefix `Inbound '

DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02

LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x04 limit: avg 1/sec burst 5 LOG flags 0 level 6 prefix `Inbound '

DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x04

LOG icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 1/sec burst 5 LOG flags 0 level 6 prefix `Inbound '

DROP icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8

LOG 0 -- 0.0.0.0/0 0.0.0.0/0 limit: avg 5/sec burst 5 LOG flags 0 level 6 prefix `Inbound '

DROP 0 -- 0.0.0.0/0 0.0.0.0/0

Chain LSO (10 references)

target prot opt source destination

LOG_FILTER 0 -- 0.0.0.0/0 0.0.0.0/0

LOG 0 -- 0.0.0.0/0 0.0.0.0/0 limit: avg 5/sec burst 5 LOG flags 0 level 6 prefix `Outbound '

REJECT 0 -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable

Chain OUTBOUND (1 references)

target prot opt source destination

ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0

ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED

ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED

LSO tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22

LSO udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:22

LSO tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:21

LSO udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:21

LSO tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5900

LSO udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:5900

LSO tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:5901

LSO udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:5901

LSO tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80

LSO udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:80

ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0

jurg · 26. juni 2007

Policy DROP? :hmm:

Ståle · 1. juli 2007

Ingen?

Ståle · 4. juli 2007

Ingen?

8983336[/snapback]

Litt viktig at bare noen av portene er apen pa serveren, dont you think?

Ståle · 15. juli 2007

un bump petit.

AudunSæther · 15. juli 2007

Flushe alle reglene (altså slette alle reglene), også reinstaller firestarter (evt. gjør det manuelt, http://www.linuxguiden.no/index.php/Netfilter).

iptables -F INPUT

iptables -F FORWARD

iptables -F OUTPUT

Logg inn

Brannmuren i Debian har blokket alt.

Anbefalte innlegg

Ståle

Videoannonse

Palme

Ståle

jurg

Ståle

Ståle

Ståle

AudunSæther

Opprett en konto eller logg inn for å kommentere

Opprett konto

Logg inn

Hvem er aktive 0 medlemmer