iptables says drop icmp but it's sneaking through!!!

hanasaki hanasaki at hanaden.com
Fri Mar 1 19:13:28 CST 2002


DUMP OF IPTABLES RULES
================================
root@portal:[143]~ iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     tcp  --  anywhere             mkc-65-26-126-218.kc.rr.comtcp dpt:smtp
ACCEPT     tcp  --  anywhere             mkc-65-26-126-218.kc.rr.comtcp dpt:www
ACCEPT     tcp  --  anywhere             mkc-65-26-126-218.kc.rr.comtcp dpt:5190
DENIED_PORT_PRIV  tcp  --  anywhere             mkc-65-26-126-218.kc.rr.comtcp dpts:0:112
DENIED_PORT_PRIV  udp  --  anywhere             mkc-65-26-126-218.kc.rr.comudp dpts:0:112
DENIED_PORT_PRIV  tcp  --  anywhere             mkc-65-26-126-218.kc.rr.comtcp dpts:114:1023
DENIED_PORT_PRIV  udp  --  anywhere             mkc-65-26-126-218.kc.rr.comudp dpts:114:1023
DENIED_PORT_UNPRIV_TCP  tcp  --  anywhere             mkc-65-26-126-218.kc.rr.comtcp dpt:2049
DENIED_PORT_UNPRIV_UDP  udp  --  anywhere             mkc-65-26-126-218.kc.rr.comudp dpt:2049
DENIED_PORT_UNPRIV_TCP  tcp  --  anywhere             mkc-65-26-126-218.kc.rr.comtcp dpts:x11:x11-5
DENIED_PORT_UNPRIV_UDP  udp  --  anywhere             mkc-65-26-126-218.kc.rr.comudp dpts:x11:x11-5
DENIED_PORT_UNPRIV_TCP  tcp  --  anywhere             mkc-65-26-126-218.kc.rr.comtcp dpts:12345:12346
DENIED_PORT_UNPRIV_UDP  udp  --  anywhere             mkc-65-26-126-218.kc.rr.comudp dpts:12345:12346
DENIED_PORT_UNPRIV_TCP  tcp  --  anywhere             mkc-65-26-126-218.kc.rr.comtcp dpts:1024:65535
DROP       icmp --  anywhere             mkc-65-26-126-218.kc.rr.com

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain DENIED_PORT_PRIV (4 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere           state RELATED,ESTABLISHED
LOG        all  --  anywhere             anywhere           LOG level notice prefix `TL0G_DENIED_PORT_PRIV: '
DROP       all  --  anywhere             anywhere

Chain DENIED_PORT_UNPRIV_TCP (4 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere           state RELATED,ESTABLISHED
LOG        all  --  anywhere             anywhere           LOG level notice prefix `TL0G_DENIED_PORT_T-UNPRIV: '
DROP       all  --  anywhere             anywhere           state INVALID,NEW

Chain DENIED_PORT_UNPRIV_UDP (3 references)
target     prot opt source               destination
LOG        all  --  anywhere             anywhere           LOG level notice prefix `TL0G_DENIED_PORT_U-UNPRIV: '
DROP       all  --  anywhere             anywhere

Chain ONTHEFLY (0 references)
target     prot opt source               destination
LOG        all  --  anywhere             anywhere           LOG level notice prefix `TL0G_ONTHEFLY: '
DROP       all  --  anywhere             anywhere
root@portal:[144]~ iptables -L -t nat
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain CHAIN_NAT (0 references)
target     prot opt source               destination

THE OFFENDING HOST THAT IS GETTING THROUGH
====================================================
root@portal:[145]~ !ho
host 64.236.7.85
Name: bb2-den-P7-0.atdn.net
Address: 64.236.7.85

-- 
= hanasaki at hanaden.com                                          =
=     Spam : Unhealthy and High in Sodium and Cholesterol       =



