Linux Help
> iptables help, I would like to understand how rules work and why current ones don'
zeezeebottom
post Feb 20 2013, 11:00 AM

Hello guys,

A bunch of icons are missing in this WYSIWYG editor by the way...

I am having trouble with iptables - it keeps blocking my HTTP traffic even though it's supposed to allow it. It's working in conjunction with fail2ban. Here's my list of rules:
CODE
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source               destination        
    2   128 fail2ban-BadBots  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           multiport dports 80,443
  164 12160 fail2ban-SSH  tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:22
    0     0 DROP       all  --  *      *       0.0.0.0/0            0.0.0.0/0            Source country: CN
  221 17236 ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    0     0 ACCEPT     icmp --  *      *       0.0.0.0/0            0.0.0.0/0          
    2   120 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0          
    0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
   28  4542 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target     prot opt in     out     source               destination        
    0     0 REJECT     all  --  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT 121 packets, 16507 bytes)
pkts bytes target     prot opt in     out     source               destination        

Chain fail2ban-BadBots (1 references)
pkts bytes target     prot opt in     out     source               destination        
    2   128 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0          

Chain fail2ban-SSH (1 references)
pkts bytes target     prot opt in     out     source               destination        
  164 12160 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0


As far as I can see, it properly logged the 2 packets and whatever on port 80 but the connection is actually refused. fail2ban has not blocked my IP. How does this actually work? Do I need to have a separate line where -j ACCEPT is in place of fail2ban-BadBots? And wouldn't that simply bypass fail2ban altogether?

Thank you!
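
The traversal the post asks about, as an added example that is not part of the original post: a simplified Python model of how iptables walks the listed chains, in which RETURN in a fail2ban chain hands control back to INPUT instead of accepting the packet. The packet fields, the `eth0` interface name and the `with_web_accept` helper are assumptions made for illustration.

```python
# Simplified model of iptables rule traversal (added example; constructed packets).
TERMINAL = {"ACCEPT", "DROP", "REJECT"}

def rule(target, **match):
    return (match, target)

# Transcribed from the listing in the post; an empty match means "any packet".
CHAINS = {
    "INPUT": [
        rule("fail2ban-BadBots", proto="tcp", dport={80, 443}),
        rule("fail2ban-SSH", proto="tcp", dport={22}),
        rule("DROP", country="CN"),
        rule("ACCEPT", state={"RELATED", "ESTABLISHED"}),
        rule("ACCEPT", proto="icmp"),
        rule("ACCEPT", iface="lo"),
        rule("ACCEPT", proto="tcp", dport={22}, state={"NEW"}),
        rule("REJECT"),
    ],
    "fail2ban-BadBots": [rule("RETURN")],
    "fail2ban-SSH": [rule("RETURN")],
}
POLICY = {"INPUT": "ACCEPT"}  # only built-in chains have a policy

def matches(match, pkt):
    # Every criterion must hold; set-valued criteria match any member.
    return all(pkt.get(k) in v if isinstance(v, set) else pkt.get(k) == v
               for k, v in match.items())

def traverse(chains, pkt, chain="INPUT", trace=None):
    """Return (verdict, trace); verdict is None when a user chain hands back control."""
    trace = [] if trace is None else trace
    for num, (match, target) in enumerate(chains[chain], 1):
        if not matches(match, pkt):
            continue
        trace.append(f"{chain}#{num}->{target}")
        if target in TERMINAL:
            return target, trace
        if target == "RETURN":
            break
        verdict, _ = traverse(chains, pkt, target, trace)
        if verdict:
            return verdict, trace      # a rule in the sub-chain decided
    return POLICY.get(chain), trace    # end of chain or RETURN

def with_web_accept(chains):
    """Hypothetical fix: ACCEPT new 80/443 just before the final REJECT."""
    web = rule("ACCEPT", proto="tcp", dport={80, 443}, state={"NEW"})
    return {**chains, "INPUT": chains["INPUT"][:-1] + [web, chains["INPUT"][-1]]}

HTTP_NEW = {"proto": "tcp", "dport": 80, "state": "NEW", "iface": "eth0"}  # constructed
if __name__ == "__main__":
    print(traverse(CHAINS, HTTP_NEW))
    print(traverse(with_web_accept(CHAINS), HTTP_NEW))
```

Because the jump to fail2ban-BadBots stays at rule 1, any ban rule that fail2ban places in that chain is still evaluated before the added ACCEPT.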

Posts in this topic
- zeezeebottom   iptables help   Feb 20 2013, 11:00 AM
- - michaelk   Post your /etc/fail2ban/jail.local file   Feb 20 2013, 02:44 PM

