iptables non accetta più i range di ip
Ciao a tutti,
oggi ho installato lenny su un nuovo server, ma ho un problema assurdo:
iptables accetta tutte le regole del mio firewall tranne i range target
sia in source che in destination.
Come riportato qui sotto accetta il comando ma anzichè il range inserito
mette sistematicamente 0.0.0.0 .
Qualche idea?
root@PBT:~# iptables -L -n -v
Chain INPUT (policy ACCEPT 64 packets, 4000 bytes)
pkts bytes target prot opt in out source
destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
Chain OUTPUT (policy ACCEPT 36 packets, 3680 bytes)
pkts bytes target prot opt in out source
destination
root@PBT:~# iptables -A INPUT -i eth2 -m iprange --src-range
192.168.0.100-192.168.0.120 -d 192.168.0.1 -p udp --dport 80 -m state
--state NEW -j ACCEPT
root@PBT:~# iptables -L -n -v
Chain INPUT (policy ACCEPT 8 packets, 464 bytes)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT udp -- eth2 * 0.0.0.0/0
192.168.0.1 source IP range 0.0.0.0-0.0.0.0 udp dpt:80 state
NEW
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
Chain OUTPUT (policy ACCEPT 5 packets, 648 bytes)
pkts bytes target prot opt in out source
destination
root@PBT:~# iptables -A INPUT -i eth2 -m iprange --dst-range
192.168.0.100-192.168.0.120 -d 192.168.0.1 -p udp --dport 80 -m state
--state NEW -j ACCEPT
root@PBT:~# iptables -L -n -v
Chain INPUT (policy ACCEPT 8 packets, 464 bytes)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT udp -- eth2 * 0.0.0.0/0
192.168.0.1 source IP range 0.0.0.0-0.0.0.0 udp dpt:80 state
NEW
0 0 ACCEPT udp -- eth2 * 0.0.0.0/0
192.168.0.1 destination IP range 0.0.0.0-0.0.0.0 udp dpt:80
state NEW
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
Chain OUTPUT (policy ACCEPT 5 packets, 648 bytes)
pkts bytes target prot opt in out source
destination
root@PBT:~# iptables -A INPUT -i eth2 -m iprange --dst-range
192.168.0.100 -d 192.168.0.1 -p udp --dport 80 -m state --state NEW -j
ACCEPT
root@PBT:~# iptables -L -n -v
Chain INPUT (policy ACCEPT 8 packets, 464 bytes)
pkts bytes target prot opt in out source
destination
0 0 ACCEPT udp -- eth2 * 0.0.0.0/0
192.168.0.1 source IP range 0.0.0.0-0.0.0.0 udp dpt:80 state
NEW
0 0 ACCEPT udp -- eth2 * 0.0.0.0/0
192.168.0.1 destination IP range 0.0.0.0-0.0.0.0 udp dpt:80
state NEW
0 0 ACCEPT udp -- eth2 * 0.0.0.0/0
192.168.0.1 destination IP range 0.0.0.0-0.0.0.0 udp dpt:80
state NEW
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source
destination
Chain OUTPUT (policy ACCEPT 5 packets, 632 bytes)
pkts bytes target prot opt in out source
destination
root@PBT:~#
grazie a tutti comunque!
Reply to: