[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

iptables non accetta più i range di ip

Ciao a tutti,
oggi ho installato lenny su un nuovo server, ma ho un problema assurdo:

iptables accetta tutte le regole del mio firewall tranne i range target
sia in source che in destination.
Come riportato qui sotto accetta il comando ma anzichè il range inserito
mette sistematicamente 0.0.0.0 .

Qualche idea?

root@PBT:~# iptables -L -n -v
Chain INPUT (policy ACCEPT 64 packets, 4000 bytes)
 pkts bytes target     prot opt in     out     source
destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source
destination         

Chain OUTPUT (policy ACCEPT 36 packets, 3680 bytes)
 pkts bytes target     prot opt in     out     source
destination         
root@PBT:~# iptables -A INPUT -i eth2 -m iprange --src-range
192.168.0.100-192.168.0.120 -d 192.168.0.1 -p udp --dport 80 -m state
--state NEW -j ACCEPT
root@PBT:~# iptables -L -n -v
Chain INPUT (policy ACCEPT 8 packets, 464 bytes)
 pkts bytes target     prot opt in     out     source
destination         
    0     0 ACCEPT     udp  --  eth2   *       0.0.0.0/0
192.168.0.1         source IP range 0.0.0.0-0.0.0.0 udp dpt:80 state
NEW 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source
destination         

Chain OUTPUT (policy ACCEPT 5 packets, 648 bytes)
 pkts bytes target     prot opt in     out     source
destination         
root@PBT:~# iptables -A INPUT -i eth2 -m iprange --dst-range
192.168.0.100-192.168.0.120 -d 192.168.0.1 -p udp --dport 80 -m state
--state NEW -j ACCEPT
root@PBT:~# iptables -L -n -v
Chain INPUT (policy ACCEPT 8 packets, 464 bytes)
 pkts bytes target     prot opt in     out     source
destination         
    0     0 ACCEPT     udp  --  eth2   *       0.0.0.0/0
192.168.0.1         source IP range 0.0.0.0-0.0.0.0 udp dpt:80 state
NEW 
    0     0 ACCEPT     udp  --  eth2   *       0.0.0.0/0
192.168.0.1         destination IP range 0.0.0.0-0.0.0.0 udp dpt:80
state NEW 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source
destination         

Chain OUTPUT (policy ACCEPT 5 packets, 648 bytes)
 pkts bytes target     prot opt in     out     source
destination         
root@PBT:~# iptables -A INPUT -i eth2 -m iprange --dst-range
192.168.0.100 -d 192.168.0.1 -p udp --dport 80 -m state --state NEW -j
ACCEPT
root@PBT:~# iptables -L -n -v
Chain INPUT (policy ACCEPT 8 packets, 464 bytes)
 pkts bytes target     prot opt in     out     source
destination         
    0     0 ACCEPT     udp  --  eth2   *       0.0.0.0/0
192.168.0.1         source IP range 0.0.0.0-0.0.0.0 udp dpt:80 state
NEW 
    0     0 ACCEPT     udp  --  eth2   *       0.0.0.0/0
192.168.0.1         destination IP range 0.0.0.0-0.0.0.0 udp dpt:80
state NEW 
    0     0 ACCEPT     udp  --  eth2   *       0.0.0.0/0
192.168.0.1         destination IP range 0.0.0.0-0.0.0.0 udp dpt:80
state NEW 

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source
destination         

Chain OUTPUT (policy ACCEPT 5 packets, 632 bytes)
 pkts bytes target     prot opt in     out     source
destination         
root@PBT:~#

grazie a tutti comunque!
Reply to: