From: hanasaki (hanasaki@hanaden.com)
Date: 03/01/02

Next message: Dustin Decker: "Re: Apache Help"
Previous message: Bob Stocker: "Re: Apache Help"
Next in thread: The Morleys: "Re: iptables says drop icmp but its sneaking through!!!"
Reply: The Morleys: "Re: iptables says drop icmp but its sneaking through!!!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]

Message-ID: <3C7FD3F0.6090701@hanaden.com>
Date: Fri, 1 Mar 2002 13:13:28 -0600
From: hanasaki <hanasaki@hanaden.com>
Subject: iptables says drop icmp but its sneaking through!!!

DUMP OF IPTALBES RULES
================================
root@portal:[143]~ iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere mkc-65-26-126-218.kc.rr.comtcp
dpt:smtp
ACCEPT tcp -- anywhere mkc-65-26-126-218.kc.rr.comtcp
dpt:www
ACCEPT tcp -- anywhere mkc-65-26-126-218.kc.rr.comtcp
dpt:5190
DENIED_PORT_PRIV tcp -- anywhere
mkc-65-26-126-218.kc.rr.comtcp dpts:0:112
DENIED_PORT_PRIV udp -- anywhere
mkc-65-26-126-218.kc.rr.comudp dpts:0:112
DENIED_PORT_PRIV tcp -- anywhere
mkc-65-26-126-218.kc.rr.comtcp dpts:114:1023
DENIED_PORT_PRIV udp -- anywhere
mkc-65-26-126-218.kc.rr.comudp dpts:114:1023
DENIED_PORT_UNPRIV_TCP tcp -- anywhere
mkc-65-26-126-218.kc.rr.comtcp dpt:2049
DENIED_PORT_UNPRIV_UDP udp -- anywhere
mkc-65-26-126-218.kc.rr.comudp dpt:2049
DENIED_PORT_UNPRIV_TCP tcp -- anywhere
mkc-65-26-126-218.kc.rr.comtcp dpts:x11:x11-5
DENIED_PORT_UNPRIV_UDP udp -- anywhere
mkc-65-26-126-218.kc.rr.comudp dpts:x11:x11-5
DENIED_PORT_UNPRIV_TCP tcp -- anywhere
mkc-65-26-126-218.kc.rr.comtcp dpts:12345:12346
DENIED_PORT_UNPRIV_UDP udp -- anywhere
mkc-65-26-126-218.kc.rr.comudp dpts:12345:12346
DENIED_PORT_UNPRIV_TCP tcp -- anywhere
mkc-65-26-126-218.kc.rr.comtcp dpts:1024:65535
DROP icmp -- anywhere mkc-65-26-126-218.kc.rr.com

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain DENIED_PORT_PRIV (4 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
LOG all -- anywhere anywhere LOG level
notice prefix `TL0G_DENIED_PORT_PRIV: '
DROP all -- anywhere anywhere

Chain DENIED_PORT_UNPRIV_TCP (4 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state
RELATED,ESTABLISHED
LOG all -- anywhere anywhere LOG level
notice prefix `TL0G_DENIED_PORT_T-UNPRIV: '
DROP all -- anywhere anywhere state
INVALID,NEW

Chain DENIED_PORT_UNPRIV_UDP (3 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level
notice prefix `TL0G_DENIED_PORT_U-UNPRIV: '
DROP all -- anywhere anywhere

Chain ONTHEFLY (0 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level
notice prefix `TL0G_ONTHEFLY: '
DROP all -- anywhere anywhere
root@portal:[144]~ iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain CHAIN_NAT (0 references)
target prot opt source destination

THE OFFENDING HOST THAT IS GETTING THROUGH
====================================================
root@portal:[145]~ !ho
host 64.236.7.85
Name: bb2-den-P7-0.atdn.net
Address: 64.236.7.85

-- 
=================================================================
= hanasaki@hanaden.com                                          =
=     Spam : Unhealthy and High in Sodium and Cholesterol       =
=================================================================

Next message: Dustin Decker: "Re: Apache Help"
Previous message: Bob Stocker: "Re: Apache Help"
Next in thread: The Morleys: "Re: iptables says drop icmp but its sneaking through!!!"
Reply: The Morleys: "Re: iptables says drop icmp but its sneaking through!!!"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Mail actions: [ respond to this message ] [ mail a new topic ]