
#1 2015-11-10 23:56:06

quasifilmie
Member
Registered: 2011-10-27
Posts: 296

[SOLVED] Why are my samba ports being filtered?

I am trying to secure my server and I am using iptables. Here is my config.

:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A OUTPUT -p tcp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A OUTPUT -p icmp --icmp-type echo-request -j ACCEPT
-A OUTPUT -p icmp --icmp-type echo-reply -j ACCEPT
-A INPUT -p icmp --icmp-type echo-request -j ACCEPT
-A INPUT -p icmp --icmp-type echo-reply -j ACCEPT
-A INPUT -p tcp -m state --state NEW,ESTABLISHED,RELATED -m tcp -m multiport --dports 22,80 -j ACCEPT
-A OUTPUT -p tcp -s 10.120.80.0/21 -m state --state NEW,ESTABLISHED,RELATED -m tcp -m multiport --dports 139,443 -j ACCEPT
-A OUTPUT -p udp -s 10.120.80.0/21 -m state --state NEW,ESTABLISHED,RELATED -m udp -m multiport --dports 139,443 -j ACCEPT
-A INPUT -p tcp -d 10.120.80.0/21 -m state --state NEW,ESTABLISHED,RELATED -m tcp -m multiport --sports 139,443 -j ACCEPT
-A INPUT -p udp -d 10.120.80.0/21 -m state --state NEW,ESTABLISHED,RELATED -m udp -m multiport --sports 139,443 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

My rules for pinging and for ports 22 and 80 seem to be working, but not my rules for ports 139 and 443. On my other computer my IP address is 10.120.81.253/21. When I run nmap, it shows ports 80 and 22 are closed. This makes sense because my web server and ssh are both not running.

When I turn on ssh, port 22 shows as open. I run the command nmap -Pn 10.120.81.87 from my laptop with the IP address 10.120.81.253/21.

Host is up (0.00030s latency).
Not shown: 998 filtered ports
PORT   STATE  SERVICE
22/tcp closed ssh
80/tcp closed http

If I turn on ssh or apache, the ports show as open. Samba is not running, so I am not sure why it is showing that ports 139 and 443 are filtered instead of closed. Is there something wrong with my rules?

Edit: Rule should have been for 443 and not 445. Fixed, but still not working.

Edit: SOLVED. Just a simple syntax problem.

-A INPUT -s 10.120.80.0/21 -m state --state NEW,ESTABLISHED,RELATED -m tcp -p tcp -m multiport --dports 139,443 -j ACCEPT
-A INPUT -s 10.120.80.0/21 -m state --state NEW,ESTABLISHED,RELATED -m udp -p udp -m multiport --dports 139,443 -j ACCEPT
-A OUTPUT -d 10.120.80.0/21 -m state --state NEW,ESTABLISHED,RELATED -m tcp -p tcp -m multiport --dports 139,443 -j ACCEPT
-A OUTPUT -d 10.120.80.0/21 -m state --state NEW,ESTABLISHED,RELATED -m udp -p udp -m multiport --dports 139,443 -j ACCEPT

I had my source and destination network addresses in the wrong chains, and you have to put the source and destination before the protocol.

Last edited by quasifilmie (2015-11-11 01:32:34)
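As an added example (not part of the original post), a small Python evaluator of the INPUT chain that shows why a new connection to port 139 fell through to the REJECT rule under the original ruleset (which nmap reports as "filtered") but is accepted under the corrected one (with no Samba listening, the kernel answers with a RST and nmap reports "closed"). The rule excerpts are constructed from the post; the ephemeral source port 40000 and the interface name eth0 are assumptions.

```python
import ipaddress

# Constructed excerpt of the post's INPUT chain: the original rules (139/443 matched on --sports)
# and the corrected ones (matched on --dports). The final REJECT is what nmap shows as "filtered".
ORIGINAL_INPUT = [
    "-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT",
    "-A INPUT -i lo -j ACCEPT",
    "-A INPUT -p tcp -m state --state NEW,ESTABLISHED,RELATED -m tcp -m multiport --dports 22,80 -j ACCEPT",
    "-A INPUT -p tcp -d 10.120.80.0/21 -m state --state NEW,ESTABLISHED,RELATED -m tcp -m multiport --sports 139,443 -j ACCEPT",
    "-A INPUT -j REJECT --reject-with icmp-host-prohibited",
]
FIXED_INPUT = ORIGINAL_INPUT[:3] + [
    "-A INPUT -s 10.120.80.0/21 -m state --state NEW,ESTABLISHED,RELATED -m tcp -p tcp -m multiport --dports 139,443 -j ACCEPT",
    ORIGINAL_INPUT[4],
]

def parse_rule(line):
    # Extract the match options this evaluator understands from one iptables-save line.
    # Limitations: comma-separated port lists only, no port ranges, no "!" negation.
    r = dict.fromkeys(["chain", "proto", "iface", "src", "dst", "states", "sports", "dports", "target"])
    toks = line.split()
    for i, t in enumerate(toks[:-1]):
        v = toks[i + 1]
        if t == "-A": r["chain"] = v
        elif t == "-p": r["proto"] = v
        elif t == "-i": r["iface"] = v
        elif t in ("-s", "-d"): r["src" if t == "-s" else "dst"] = ipaddress.ip_network(v, strict=False)
        elif t == "--state": r["states"] = set(v.split(","))
        elif t in ("--sport", "--sports"): r["sports"] = {int(p) for p in v.split(",")}
        elif t in ("--dport", "--dports"): r["dports"] = {int(p) for p in v.split(",")}
        elif t == "-j": r["target"] = v
    return r

def input_verdict(rules, proto, src, dst, sport, dport, state="NEW", iface="eth0"):
    # First matching INPUT rule decides; the chain policy (:INPUT ACCEPT in the post) is the fallback.
    for r in map(parse_rule, rules):
        if r["chain"] != "INPUT": continue
        if r["proto"] and r["proto"] != proto: continue
        if r["iface"] and r["iface"] != iface: continue
        if r["src"] and ipaddress.ip_address(src) not in r["src"]: continue
        if r["dst"] and ipaddress.ip_address(dst) not in r["dst"]: continue
        if r["states"] and state not in r["states"]: continue
        if r["sports"] and sport not in r["sports"]: continue  # original rule fails here: client port is ephemeral, not 139/443
        if r["dports"] and dport not in r["dports"]: continue
        return r["target"]
    return "ACCEPT"
```

Calling input_verdict(ORIGINAL_INPUT, "tcp", "10.120.81.253", "10.120.81.87", 40000, 139) returns REJECT, while the same call on FIXED_INPUT returns ACCEPT; port 22 is accepted under both rulesets.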
