
#1 2008-08-10 23:45:58

fukawi2
Ex-Administratorino
From: .vic.au
Registered: 2007-09-28
Posts: 6,217

iptables not rejecting port 25

Can anyone tell me why my iptables rules aren't REJECTing port 25?

As far as I can see, my test connection (from the local machine, to its public IP) should:
1) Enter the INPUT chain, and jump to the LOGCONNS chain.
2) Match the second rule in LOGCONNS (source is 192.168.39.2) and RETURN to the INPUT chain.
3) Jump to the BLACKLIST chain - not match anything there and RETURN to INPUT.
4) Jump to PORTBLOCK - match destination port 25 and then REJECT.

Step 4 doesn't appear to be working. If I do `telnet 192.168.39.2 25` I get the normal SMTP greeting from my server :(

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
LOGCONNS   all  --  0.0.0.0/0            0.0.0.0/0           
BLACKLIST  all  --  0.0.0.0/0            0.0.0.0/0           
PORTBLOCK  all  --  0.0.0.0/0            0.0.0.0/0           
SSHSCAN    tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:22 state NEW 

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

Chain BLACKLIST (1 references)
target     prot opt source               destination         
DROP       all  --  172.20.0.0/24        0.0.0.0/0           
DROP       all  --  59.144.127.0/24      0.0.0.0/0           
DROP       all  --  218.75.48.0/24       0.0.0.0/0           

Chain LOGCONNS (1 references)
target     prot opt source               destination         
RETURN     all  --  192.168.31.0/28      0.0.0.0/0           
RETURN     all  --  192.168.39.0/30      0.0.0.0/0           
LOG        tcp  --  0.0.0.0/0            0.0.0.0/0           limit: avg 2/sec burst 10 LOG flags 0 level 4 prefix `TCP CONNECTION: ' 
LOG        udp  --  0.0.0.0/0            0.0.0.0/0           limit: avg 2/sec burst 10 LOG flags 0 level 4 prefix `UDP PACKET: ' 
LOG        all  -f  0.0.0.0/0            0.0.0.0/0           limit: avg 2/sec burst 10 LOG flags 0 level 4 prefix `FRAGMENT PACKET: ' 

Chain PORTBLOCK (1 references)
target     prot opt source               destination         
REJECT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:25 reject-with icmp-port-unreachable 

Chain SSHSCAN (1 references)
target     prot opt source               destination         
           all  --  0.0.0.0/0            0.0.0.0/0           recent: SET name: SSH side: source 
LOG        all  --  0.0.0.0/0            0.0.0.0/0           recent: UPDATE seconds: 300 hit_count: 3 name: SSH side: source LOG flags 0 level 6 prefix `SSH SCAN blocked: ' 
DROP       all  --  0.0.0.0/0            0.0.0.0/0           recent: UPDATE seconds: 300 hit_count: 3 name: SSH side: source

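As an added illustration (not part of the post above), here is a small Python model of the traversal described in steps 1 to 4, run over the posted filter rules. It is a constructed simulation, not iptables itself: the fragment LOG rule and the stateful recent-module rules in SSHSCAN are left out (assumption), and the trace it produces is what the packet counters in `iptables -nvL` should be compared against on the real box.

```python
import ipaddress

# Constructed model of the filter-table rules posted above: (proto, source CIDR, dport, target).
# A target naming another chain is a jump; RETURN hands control back to the calling chain.
# SSHSCAN's recent-module rules are stateful and are modelled as an empty chain (assumption).
RULES = {
    "INPUT": [("all", "0.0.0.0/0", None, "LOGCONNS"), ("all", "0.0.0.0/0", None, "BLACKLIST"),
              ("all", "0.0.0.0/0", None, "PORTBLOCK"), ("tcp", "0.0.0.0/0", 22, "SSHSCAN")],
    "BLACKLIST": [("all", "172.20.0.0/24", None, "DROP"), ("all", "59.144.127.0/24", None, "DROP"),
                  ("all", "218.75.48.0/24", None, "DROP")],
    "LOGCONNS": [("all", "192.168.31.0/28", None, "RETURN"), ("all", "192.168.39.0/30", None, "RETURN"),
                 ("tcp", "0.0.0.0/0", None, "LOG"), ("udp", "0.0.0.0/0", None, "LOG")],
    "PORTBLOCK": [("tcp", "0.0.0.0/0", 25, "REJECT")],
    "SSHSCAN": [],
}
POLICY = {"INPUT": "ACCEPT"}
TERMINAL = {"ACCEPT", "DROP", "REJECT"}

def matches(rule, pkt):
    proto, src, dport, _ = rule
    return ((proto == "all" or proto == pkt["proto"])
            and ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(src)
            and (dport is None or dport == pkt.get("dport")))

def walk(chain, pkt, trace):
    """Evaluate pkt against one chain. Returns a terminal verdict, or None when the
    chain is exhausted or a RETURN is hit (control goes back to the caller)."""
    for rule in RULES[chain]:
        if not matches(rule, pkt):
            continue
        target = rule[3]
        trace.append(f"{chain}: {target}")
        if target in TERMINAL:
            return target
        if target == "RETURN":
            return None
        if target == "LOG":          # non-terminating target: keep evaluating
            continue
        verdict = walk(target, pkt, trace)   # jump into a user-defined chain
        if verdict is not None:
            return verdict
    return None

def verdict(pkt):
    """Final fate of a packet entering INPUT, plus the rule-hit trace."""
    trace = []
    return walk("INPUT", pkt, trace) or POLICY["INPUT"], trace
```

For the poster's test packet, `verdict({"proto": "tcp", "src": "192.168.39.2", "dport": 25})` returns `REJECT` with the trace INPUT: LOGCONNS, LOGCONNS: RETURN, INPUT: BLACKLIST, INPUT: PORTBLOCK, PORTBLOCK: REJECT, i.e. exactly the path in steps 1 to 4, so any difference on the real host shows up as rule counters that do not move the way the model says.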
