Can anyone tell me why my iptables rules aren't REJECTing port 25?
As far as I can see, my test connection (from the local machine, to its public IP) should:
1) Enter the INPUT chain, and jump to the LOGCONNS chain.
2) Match the second rule in LOGCONNS (source is 192.168.39.2) and RETURN to the INPUT chain.
3) Jump to the BLACKLIST chain - not match anything there and RETURN to INPUT.
4) Jump to PORTBLOCK - match destination port 25 and then REJECT.
Step 4 doesn't appear to be working. If I do `telnet 192.168.39.2 25` I get the normal SMTP greeting from my server.
```
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
LOGCONNS   all  --  0.0.0.0/0            0.0.0.0/0
BLACKLIST  all  --  0.0.0.0/0            0.0.0.0/0
PORTBLOCK  all  --  0.0.0.0/0            0.0.0.0/0
SSHSCAN    tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22 state NEW

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain BLACKLIST (1 references)
target     prot opt source               destination
DROP       all  --  172.20.0.0/24        0.0.0.0/0
DROP       all  --  59.144.127.0/24      0.0.0.0/0
DROP       all  --  218.75.48.0/24       0.0.0.0/0

Chain LOGCONNS (1 references)
target     prot opt source               destination
RETURN     all  --  192.168.31.0/28      0.0.0.0/0
RETURN     all  --  192.168.39.0/30      0.0.0.0/0
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           limit: avg 2/sec burst 10 LOG flags 0 level 4 prefix `TCP CONNECTION: '
LOG        udp  --  0.0.0.0/0            0.0.0.0/0           limit: avg 2/sec burst 10 LOG flags 0 level 4 prefix `UDP PACKET: '
LOG        all  -f  0.0.0.0/0            0.0.0.0/0           limit: avg 2/sec burst 10 LOG flags 0 level 4 prefix `FRAGMENT PACKET: '

Chain PORTBLOCK (1 references)
target     prot opt source               destination
REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:25 reject-with icmp-port-unreachable

Chain SSHSCAN (1 references)
target     prot opt source               destination
           all  --  0.0.0.0/0            0.0.0.0/0           recent: SET name: SSH side: source
LOG        all  --  0.0.0.0/0            0.0.0.0/0           recent: UPDATE seconds: 300 hit_count: 3 name: SSH side: source LOG flags 0 level 6 prefix `SSH SCAN blocked: '
DROP       all  --  0.0.0.0/0            0.0.0.0/0           recent: UPDATE seconds: 300 hit_count: 3 name: SSH side: source
```
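The traversal in steps 1 to 4, replayed as an added example (not part of the original post): a small Python model of the listing above that walks the chains for the test packet and records each rule that matches. It models only the fields the listing shows (protocol, source, destination port); the fragment LOG rule and SSHSCAN's `recent` state are left out, and the names `CHAINS`, `walk` and `verdict` are made up for this example.

```python
import ipaddress

# Rules transcribed from the listing in the post: (target, proto, source, dport).
# Assumption: nothing beyond these listed fields takes part in matching.
CHAINS = {
    "INPUT": [("LOGCONNS", "all", "0.0.0.0/0", None),
              ("BLACKLIST", "all", "0.0.0.0/0", None),
              ("PORTBLOCK", "all", "0.0.0.0/0", None),
              ("SSHSCAN", "tcp", "0.0.0.0/0", 22)],
    "BLACKLIST": [("DROP", "all", "172.20.0.0/24", None),
                  ("DROP", "all", "59.144.127.0/24", None),
                  ("DROP", "all", "218.75.48.0/24", None)],
    "LOGCONNS": [("RETURN", "all", "192.168.31.0/28", None),
                 ("RETURN", "all", "192.168.39.0/30", None),
                 ("LOG", "tcp", "0.0.0.0/0", None),
                 ("LOG", "udp", "0.0.0.0/0", None)],
    "PORTBLOCK": [("REJECT", "tcp", "0.0.0.0/0", 25)],
    "SSHSCAN": [],  # recent-match state is not modelled in this example
}
TERMINAL = {"ACCEPT", "DROP", "REJECT"}

def matches(rule, pkt):
    _, proto, source, dport = rule
    return (proto in ("all", pkt["proto"])
            and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(source)
            and dport in (None, pkt["dport"]))

def walk(chain, pkt, trace):
    """Return a terminal verdict, or None when the chain hands back to its caller."""
    for n, rule in enumerate(CHAINS[chain], 1):
        if not matches(rule, pkt):
            continue
        target = rule[0]
        trace.append(f"{chain}:{n} -> {target}")
        if target in TERMINAL:
            return target
        if target == "RETURN":
            return None
        if target in CHAINS:          # jump to a user-defined chain
            v = walk(target, pkt, trace)
            if v:
                return v
        # LOG is non-terminating: fall through to the next rule
    return None                       # end of chain: implicit return

def verdict(pkt, policy="ACCEPT"):
    trace = []
    return walk("INPUT", pkt, trace) or policy, trace

print(verdict({"proto": "tcp", "src": "192.168.39.2", "dport": 25}))
```

On the fields shown, the test packet ends at the PORTBLOCK REJECT, which is the path the post expects. The listing carries no interface or counter columns, so the model says nothing about match conditions that only appear in verbose output.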