My server has been getting frequent attempts from a device on 89.144.x.x. There is nothing on the server for anyone on that network so I tried blocking all access via IPTables.
iptables -L -n |grep 89.144
REJECT tcp -- 89.144.0.0/16 0.0.0.0/0 state NEW tcp reject-with icmp-port-unreachable
But the last two days there have been attempts to access the web server logged in the /var/log/httpd/access_log
I'm not an expert by any means with iptables but I thought this would prevent any access from this net block.
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp -s 89.144.0.0/16 -j REJECT --reject-with icmp-port-unreachable
What am I missing?
IPTables REJECT not blocking port 80
Re: IPTables REJECT not blocking port 80
I assume you have disabled firewalld and installed iptables?
I also think the order of the rules matters, if you have opened
for all http traffic before this rule ...
Re: IPTables REJECT not blocking port 80
Yes firewalld disabled and iptables enabled.
The rule to block is above rule permitting port 80 access.
Re: IPTables REJECT not blocking port 80
I had a similar problem which was fixed by putting this in /etc/sysconfig/iptables:
-A INPUT -s 123.45.67.0/20 -j DROP
I have no RH-Firewall-1-INPUT chain, only INPUT, FORWARD and OUTPUT.
Re: IPTables REJECT not blocking port 80
RH-Firewall-1-INPUT is something that was used in CentOS 5 and abandoned in 6. It's a relic.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke
Re: IPTables REJECT not blocking port 80
Please show what is in table filter. Do use:
iptables -S
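
One way to read the `iptables -S` output requested above, as an added example that is not part of any post in this thread. It checks a rule listing for two causes: a block rule placed after an ACCEPT for the port (the ordering point raised earlier), and a block rule sitting in a chain that INPUT never jumps to (an assumption suggested by the RH-Firewall-1-INPUT discussion). The function name `diagnose`, its result strings and the sample rule sets are constructed for illustration.

```shell
#!/bin/sh
# diagnose CIDR PORT < output-of-iptables-S
# Prints: no-rule | unreachable-chain | shadowed | ok
# Simplified: exact -s string match, single --dport, jumps from INPUT only.
diagnose() {
    awk -v src="$1" -v port="$2" '
    $1 == "-A" {
        chain = $2; n[chain]++; target = s = dport = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-j") target = $(i + 1)
            if ($i == "-s") s = $(i + 1)
            if ($i == "--dport") dport = $(i + 1)
        }
        # first rule that rejects or drops the source
        if (bchain == "" && s == src && (target == "REJECT" || target == "DROP")) {
            bchain = chain; bpos = n[chain]
        }
        # first rule per chain that accepts the port from any source
        if (target == "ACCEPT" && dport == port && s == "" && !(chain in apos))
            apos[chain] = n[chain]
        # position of each jump out of INPUT
        if (chain == "INPUT" && target != "" && !(target in jpos))
            jpos[target] = n[chain]
    }
    END {
        if (bchain == "") { print "no-rule"; exit }
        if (bchain != "INPUT" && !(bchain in jpos)) { print "unreachable-chain"; exit }
        if ((bchain in apos) && apos[bchain] < bpos) { print "shadowed"; exit }
        if (bchain != "INPUT" && ("INPUT" in apos) && apos["INPUT"] < jpos[bchain]) {
            print "shadowed"; exit
        }
        print "ok"
    }'
}

BLOCK='-s 89.144.0.0/16 -p tcp -m state --state NEW -j REJECT --reject-with icmp-port-unreachable'
ALLOW='-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT'
# Constructed rule sets, not taken from the poster's server.
sample_unreachable() { printf '%s\n' '-N RH-Firewall-1-INPUT' "$ALLOW" "-A RH-Firewall-1-INPUT $BLOCK"; }
sample_shadowed()    { printf '%s\n' "$ALLOW" "-A INPUT $BLOCK"; }
sample_ok()          { printf '%s\n' "-A INPUT $BLOCK" "$ALLOW"; }

for f in sample_unreachable sample_shadowed sample_ok; do
    printf '%s: %s\n' "$f" "$("$f" | diagnose 89.144.0.0/16 80)"
done
```

On a live host the input would be `iptables -S | diagnose 89.144.0.0/16 80`; a result of `ok` only means neither of these two causes was found.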