Thread: Re: [Fwbuilder-discussion] update IPtables after push does not seem to work
From: Rubin B. <ru...@rb...> - 2014-10-13 19:23:40
You probably haven't reset your connection tracking in the kernel. By default FWbuilder allows ESTABLISHED,RELATED connections. You can manage the connections to your device with the conntrack package.

Rubin

Rubin Bennett
rbTechnologies, LLC
1970 VT Route 14 South
East Montpelier, VT 05651
(802)223-4448 x101
http://rbtechvt.com

"Think for yourselves, and let others enjoy the privilege to do so too."
Voltaire, Essay on Tolerance
French author, humanist, rationalist, and satirist (1694 - 1778)

From: Gandalf Istari [mailto:ere...@gm...]
Sent: Monday, October 13, 2014 2:14 PM
To: fwb...@li...
Subject: [Fwbuilder-discussion] update IPtables after push does not seem to work

Hi All,

Normally I'm only using FWbuilder to update my rules, but because I'm having a lot of login attempts (possibly bots) I have set up a script that inserts a new rule if there are too many login attempts.

The file generated by FWbuilder:

$IPTABLES -N In_RULE_0
$IPTABLES -A INPUT -i em1 -s 5.35.248.166 -j In_RULE_0
$IPTABLES -A INPUT -i em1 -s 12.133.41.130 -j In_RULE_0
...
$IPTABLES -A FORWARD -i em1 -s 5.35.248.166 -j In_RULE_0
$IPTABLES -A FORWARD -i em1 -s 12.133.41.130 -j In_RULE_0
...

And the script uses the following commands:

iptables -A INPUT -i em1 -s 176.28.55.20 -j In_RULE_0
iptables -A FORWARD -i em1 -s 176.28.55.20 -j In_RULE_0

For me this should be enough, but still I get attempts from IP 176.28.55.20.

iptables -nL
Chain INPUT (policy DROP)
In_RULE_0 all -- 5.35.248.166 0.0.0.0/0
....
RULE_25 all -- 0.0.0.0/0 0.0.0.0/0
In_RULE_0 all -- 176.28.55.20 0.0.0.0/0
Chain FORWARD (policy DROP)

Anyone have an idea?