Running CentOS 7 and have iptables set to block most inbound traffic. However, some attackers are getting past the firewall.
The system is a PBX running Asterisk, and port 5060 is forwarded from the hardware firewall. I want to be able to accept traffic from only a few IP addresses (or subnets).
I have a small script set up that was suggested on the wiki of this site. I expect I have something out of place, or am missing something completely.
I even put in DROP instructions, but these addresses are still getting by on port 5060.
Can anyone see anything wrong with this?
#!/bin/bash
#
# iptables example configuration script
#
# Flush all current rules from iptables
#
iptables -F
#
# Allow SSH connections on tcp port 22
# This is essential when working on remote servers via SSH to prevent locking yourself out of the system
#
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
#
# Set default policies for INPUT, FORWARD and OUTPUT chains
#
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
#
# Set access for localhost
#
iptables -A INPUT -i lo -j ACCEPT
#
# Accept packets belonging to established and related connections
#
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
#
# Explicitly drop new connections from these networks.
# (With the INPUT policy set to DROP above, anything not accepted further
# down is dropped anyway, so these rules only add documentation and counters.)
#
iptables -A INPUT -m state --state NEW -s 215.0.0.0/8 -j DROP
iptables -A INPUT -m state --state NEW -s 164.0.0.0/8 -j DROP
iptables -A INPUT -m state --state NEW -s 37.0.0.0/8 -j DROP
iptables -A INPUT -m state --state NEW -s 185.0.0.0/8 -j DROP
iptables -A INPUT -m state --state NEW -s 82.0.0.0/8 -j DROP
iptables -A INPUT -m state --state NEW -s 212.0.0.0/8 -j DROP
iptables -A INPUT -m state --state NEW -s 91.0.0.0/8 -j DROP
iptables -A INPUT -m state --state NEW -s 170.0.0.0/8 -j DROP
#
# Accept packets from trusted IP addresses.
# Note: these rules match every protocol and port from the listed networks,
# and each /8 covers about 16 million addresses. No rule in this script
# restricts port 5060 to particular sources.
#
iptables -A INPUT -s 192.168.0.0/16 -j ACCEPT
iptables -A INPUT -s 10.0.0.0/8 -j ACCEPT
iptables -A INPUT -s 143.0.0.0/8 -j ACCEPT -m comment --comment "allow network"
iptables -A INPUT -s 96.0.0.0/8 -j ACCEPT -m comment --comment "allow network"
# Save settings
#
/sbin/service iptables save
#
# List rules
#
iptables -L -v
GW
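As an added example (not part of the post above, nor the wiki script it is based on), here is a small sh script that does what the post asks for: it accepts SIP on UDP and TCP port 5060 only from a whitelist of source networks, keeps SSH reachable, logs what is about to be dropped on the SIP port, and leaves the INPUT policy to drop everything else. The addresses in TRUSTED_SIP_NETS are constructed placeholders from the RFC 5737 documentation ranges and must be replaced with the real SIP trunk and remote-phone addresses. Setting DRY_RUN=1 prints the iptables commands instead of executing them, so the rule order can be reviewed before it touches a live PBX.

```sh
#!/bin/sh
# Added example, not the original poster's script: accept SIP (UDP and TCP
# port 5060) only from a whitelist of source networks, keep SSH reachable,
# and let the INPUT policy drop everything else.
# DRY_RUN=1 prints the iptables commands instead of running them.

# Constructed placeholder peers from the RFC 5737 documentation ranges;
# replace these with the real SIP trunk / remote phone addresses.
TRUSTED_SIP_NETS="203.0.113.10/32 198.51.100.0/24"
SIP_PORT=5060
SSH_PORT=22

# Accept a dotted-quad address with an optional /prefix and reject anything
# else, so a typo in the whitelist cannot silently widen it.
valid_cidr() {
    case $1 in
        */*) ip=${1%/*}; prefix=${1#*/} ;;
        *)   ip=$1;      prefix=32 ;;
    esac
    case $prefix in ''|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    case $ip in .*|*.|*..*) return 1 ;; esac
    IFS=.
    set -- $ip
    unset IFS
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in ''|*[!0-9]*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Run iptables, or print the command when DRY_RUN=1.
ipt() {
    if [ "${DRY_RUN:-0}" = 1 ]; then
        printf 'iptables %s\n' "$*"
    else
        iptables "$@"
    fi
}

build_rules() {
    for net in $TRUSTED_SIP_NETS; do
        valid_cidr "$net" || { echo "invalid CIDR in TRUSTED_SIP_NETS: $net" >&2; return 1; }
    done
    ipt -F INPUT
    ipt -P INPUT DROP
    ipt -A INPUT -i lo -j ACCEPT
    # Replies to traffic this host initiated; packets conntrack cannot classify are dropped.
    ipt -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    ipt -A INPUT -m conntrack --ctstate INVALID -j DROP
    # SSH stays open so a remote admin is not locked out.
    ipt -A INPUT -p tcp --dport "$SSH_PORT" -m conntrack --ctstate NEW -j ACCEPT
    # SIP only from the whitelist, on both transports.
    for net in $TRUSTED_SIP_NETS; do
        for proto in udp tcp; do
            ipt -A INPUT -p "$proto" -s "$net" --dport "$SIP_PORT" \
                -m conntrack --ctstate NEW -m comment --comment sip-peer -j ACCEPT
        done
    done
    # Anything else aimed at the SIP port is logged (rate limited) and then
    # dropped by the policy, so scanners show up in /var/log/messages.
    ipt -A INPUT -p udp --dport "$SIP_PORT" -m limit --limit 5/min -j LOG --log-prefix "SIP-DROP: "
    ipt -A INPUT -p tcp --dport "$SIP_PORT" -m limit --limit 5/min -j LOG --log-prefix "SIP-DROP: "
}

# Usage: DRY_RUN=1 sh sip-whitelist.sh apply   (review the commands)
#        sh sip-whitelist.sh apply              (as root, then: service iptables save)
case ${1:-} in
    apply) build_rules && ipt -L INPUT -v -n --line-numbers ;;
esac
```

After applying, `iptables -L INPUT -v -n --line-numbers` shows per-rule packet counters, which is the quickest way to see which rule is accepting unwanted traffic. Two things to check on the surrounding setup: if the hardware firewall rewrites the source address when it forwards port 5060, every SIP packet reaches the PBX from the firewall's inside address and source-based whitelisting cannot tell attackers from peers; and on CentOS 7 `service iptables save` only works with the iptables-services package in place of firewalld, otherwise firewalld's own chains also live in the filter table.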