Linux Help
zeezeebottom
Posted on: Feb 20 2013, 11:00 AM




Hello guys,

A bunch of icons are missing in this WYSIWYG editor by the way...

I am having trouble with iptables - it keeps blocking my HTTP traffic even though it's supposed to allow it. It's working in conjunction with fail2ban. Here's my list of rules:
CODE
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source               destination        
    2   128 fail2ban-BadBots  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           multiport dports 80,443
  164 12160 fail2ban-SSH  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:22
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            Source country: CN
  221 17236 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0          
    2   120 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0          
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
   28  4542 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source               destination        
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT 121 packets, 16507 bytes)
pkts bytes target     prot opt in     out     source               destination        

Chain fail2ban-BadBots (1 references)
pkts bytes target     prot opt in     out     source               destination        
    2   128 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain fail2ban-SSH (1 references)
pkts bytes target     prot opt in     out     source               destination        
  164 12160 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0


As far as I can see, it properly logged the 2 packets and whatever on port 80 but the connection is actually refused. fail2ban has not blocked my IP. How does this actually work? Do I need to have a separate line where -j ACCEPT is in place of fail2ban-BadBots? And wouldn't that simply bypass fail2ban altogether?

Thank you!
  Forum: Technical Support · Post Preview: #33384 · Replies: 1 · Views: 2,814
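
How a new port-80 connection traverses the listing in the post above, as an added example that is not part of the original post: a small Python model of the posted INPUT chain (the CN GeoIP rule is left out) showing that the fail2ban chain's RETURN hands the packet back to INPUT, where no rule accepts port 80 before the final REJECT. The `accept_http` rule and the per-source DROP used to model a ban are assumptions for illustration.

```python
TERMINAL = {"ACCEPT", "DROP", "REJECT"}

def tcp(port, state=None):
    return lambda p: (p["proto"] == "tcp" and p["dport"] == port
                      and state in (None, p["state"]))

def build_chains(accept_http=False, banned=()):
    """INPUT as in the post's listing; the CN GeoIP DROP rule is left out."""
    rules = [
        (lambda p: p["proto"] == "tcp" and p["dport"] in (80, 443), "fail2ban-BadBots"),
        (tcp(22), "fail2ban-SSH"),
        (lambda p: p["state"] in ("RELATED", "ESTABLISHED"), "ACCEPT"),
        (lambda p: p["proto"] == "icmp", "ACCEPT"),
        (lambda p: p["iface"] == "lo", "ACCEPT"),
        (tcp(22, "NEW"), "ACCEPT"),
        (lambda p: True, "REJECT"),  # reject-with icmp-host-prohibited
    ]
    if accept_http:  # hypothetical fix: ACCEPT new port-80 connections before the REJECT
        rules.insert(-1, (tcp(80, "NEW"), "ACCEPT"))
    # Assumption: a ban shows up as a per-source DROP ahead of the chain's RETURN.
    bans = [(lambda p, ip=ip: p["src"] == ip, "DROP") for ip in banned]
    always = (lambda p: True, "RETURN")
    return {"INPUT": rules, "fail2ban-BadBots": bans + [always], "fail2ban-SSH": [always]}

def walk(chains, name, pkt, trace):
    for n, (match, target) in enumerate(chains[name], 1):
        if not match(pkt):
            continue
        trace.append(f"{name}#{n}:{target}")
        if target in TERMINAL:
            return target
        if target == "RETURN":
            return None  # resume in the calling chain at the next rule
        result = walk(chains, target, pkt, trace)  # jump into a user-defined chain
        if result:
            return result
    return None

def verdict(pkt, **kw):
    trace = []
    result = walk(build_chains(**kw), "INPUT", pkt, trace) or "ACCEPT"  # chain policy
    return result, trace

# Constructed packet: first SYN of an HTTP connection from a documentation address.
SYN80 = {"proto": "tcp", "dport": 80, "state": "NEW", "iface": "eth0", "src": "203.0.113.7"}

if __name__ == "__main__":
    for kw in ({}, {"accept_http": True}, {"accept_http": True, "banned": ["203.0.113.7"]}):
        print(kw, verdict(SYN80, **kw))
```

In the model, the jump to `fail2ban-BadBots` still runs first when the ACCEPT rule is present, so a banned source is dropped before the ACCEPT is ever reached.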

