Re: amule + iptables problem and low-id
On Wed, Mar 16, 2005 at 10:50:09AM +0100, paolo wrote:
> Giulio wrote:
> > $IPTABLE -P OUTPUT ACCEPT
> > $IPTABLE -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
> > $IPTABLE -A INPUT -p tcp --dport 4662 -j ACCEPT
> > $IPTABLE -A INPUT -p udp --dport 4665 -j ACCEPT
> > $IPTABLE -A INPUT -p udp --dport 4672 -j ACCEPT
>
> Are you sure the above rules are actually loaded in iptables?
> I'm not calling you stupid, let me be clear, but sometimes the problem
> is right under our nose and we don't notice it.
Well, since I'm just starting out with iptables, that could very well
be the case... The script I wrote is a modification of one I found on
the net...
Here is the output of iptables -L -v for my script:
------------------------------------
Chain INPUT (policy DROP 1 packets, 40 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT udp -- any any anywhere anywhere udp spt:bootps dpt:bootpc
0 0 ACCEPT all -- lo any anywhere anywhere
73 25978 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
0 0 ACCEPT icmp -- eth1 any anywhere anywhere icmp echo-reply
0 0 ACCEPT icmp -- eth1 any anywhere anywhere icmp destination-unreachable
0 0 ACCEPT icmp -- eth1 any anywhere anywhere icmp time-exceeded
0 0 DROP icmp -- eth1 any anywhere anywhere icmp echo-request
0 0 ACCEPT udp -- eth1 any nsa.tin.it anywhere udp spt:domain
0 0 ACCEPT tcp -- eth1 any nsa.tin.it anywhere tcp spt:domain
0 0 DROP all -- any any anywhere 255.255.255.255
0 0 SYN-FLOOD tcp -- any any anywhere anywhere tcp flags:SYN,RST,ACK/SYN
0 0 chain-log tcp -- any any anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,PSH,URG
0 0 chain-log tcp -- any any anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/SYN,RST,ACK
0 0 chain-log tcp -- any any anywhere anywhere tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
0 0 chain-log tcp -- any any anywhere anywhere tcp flags:SYN,RST/SYN,RST
0 0 chain-log tcp -- any any anywhere anywhere tcp flags:FIN,SYN/FIN,SYN
0 0 chain-log tcp -- any any anywhere anywhere tcp flags:FIN/FIN
0 0 DROP udp -- any any anywhere anywhere udp dpts:loc-srv:netbios-ssn
0 0 chain-log all -- eth1 any anywhere anywhere state INVALID,NEW
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:4662
0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:4665
0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:4672
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 92 packets, 98132 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- any lo deb anywhere
0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:domain
0 0 ACCEPT tcp -- any any anywhere anywhere multiport dports www,https
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:smtp
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:pop3
Chain SYN-FLOOD (1 references)
pkts bytes target prot opt in out source destination
0 0 chain-log all -- any any anywhere anywhere limit: avg 1/sec burst 4
0 0 chain-log all -- any any anywhere anywhere limit: avg 1/sec burst 4
0 0 chain-log all -- any any anywhere anywhere limit: avg 1/sec burst 4
0 0 chain-log all -- any any anywhere anywhere limit: avg 1/sec burst 4
0 0 chain-log all -- any any anywhere anywhere limit: avg 1/sec burst 4
0 0 chain-log all -- any any anywhere anywhere limit: avg 1/sec burst 4
0 0 chain-log all -- any any anywhere anywhere limit: avg 1/sec burst 4
Chain chain-log (14 references)
pkts bytes target prot opt in out source destination
1 219 LOG all -- any any anywhere anywhere LOG level info
1 219 DROP all -- any any anywhere anywhere
0 0 LOG all -- any any anywhere anywhere LOG level info
0 0 DROP all -- any any anywhere anywhere
0 0 LOG all -- any any anywhere anywhere LOG level info
0 0 DROP all -- any any anywhere anywhere
0 0 LOG all -- any any anywhere anywhere LOG level info
0 0 DROP all -- any any anywhere anywhere
0 0 LOG all -- any any anywhere anywhere LOG level info
0 0 DROP all -- any any anywhere anywhere
0 0 LOG all -- any any anywhere anywhere LOG level info
0 0 DROP all -- any any anywhere anywhere
0 0 LOG all -- any any anywhere anywhere LOG level info
0 0 DROP all -- any any anywhere anywhere
------------------------------------
>
> Post the output of "iptables -L -v" to the list.
>
> Paolo
>
bye and thanks
Giulio
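
Added example, not part of the original messages: a Python check in the spirit of the question above. It confirms that an ACCEPT rule for a given port is loaded in the INPUT chain of an `iptables -L -v` listing and reports whether an earlier rule that drops all NEW packets sits in front of it. The sample listing is constructed from a subset of the rules shown above, the function names are hypothetical, and the check ignores the interface column (it assumes the traffic arrives on the interface the earlier rule matches).

```python
import re

# Constructed sample: a subset of the rules from the listing above, in
# `iptables -L -v` layout (use -n on a real host so ports print as numbers).
SAMPLE = """\
Chain INPUT (policy DROP 1 packets, 40 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- lo any anywhere anywhere
73 25978 ACCEPT all -- any any anywhere anywhere state RELATED,ESTABLISHED
0 0 chain-log all -- eth1 any anywhere anywhere state INVALID,NEW
0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:4662
0 0 ACCEPT udp -- any any anywhere anywhere udp dpt:4672
Chain chain-log (14 references)
pkts bytes target prot opt in out source destination
1 219 LOG all -- any any anywhere anywhere LOG level info
1 219 DROP all -- any any anywhere anywhere
"""

def parse_chains(text):
    """Return {chain name: [rule dict, ...]} with rules in listing order."""
    chains, current = {}, None
    for line in text.splitlines():
        f = line.split()
        if f and f[0] == "Chain":
            current = chains.setdefault(f[1], [])
        elif len(f) >= 9 and f[0] != "pkts" and current is not None:
            current.append({"target": f[2], "prot": f[3], "src": f[7],
                            "dst": f[8], "extra": " ".join(f[9:])})
    return chains

def drops_everything(chains, name):
    """Heuristic: the user chain `name` contains an unconditional DROP/REJECT."""
    return any(r["target"] in ("DROP", "REJECT") and r["prot"] == "all"
               and r["src"] == r["dst"] == "anywhere" and not r["extra"]
               for r in chains.get(name, []))

def check_port(chains, prot, port, chain="INPUT"):
    """Return ('ok', pos), ('shadowed', blocker_pos) or ('missing', None)."""
    blocker = None
    for pos, r in enumerate(chains.get(chain, []), 1):
        if (r["target"] == "ACCEPT" and r["prot"] == prot
                and re.search(rf"\bdpt:{port}\b", r["extra"])):
            return ("shadowed", blocker) if blocker else ("ok", pos)
        # An earlier all-protocol rule matching NEW packets that ends in a
        # drop wins first: new inbound connections never reach later ACCEPTs.
        if (blocker is None and r["prot"] == "all"
                and re.search(r"state \S*\bNEW\b", r["extra"])
                and (r["target"] in ("DROP", "REJECT")
                     or drops_everything(chains, r["target"]))):
            blocker = pos
    return ("missing", None)
```

Calling `check_port(parse_chains(SAMPLE), "tcp", 4662)` reports the rule as shadowed by rule 3 of the sample; a rule listed as "shadowed" is loaded but sits too late in the chain to take effect for new inbound connections.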