From: Ken R. <ip...@ke...> - 2003-11-30 12:25:11
On Saturday, November 29, 2003 10:47 PM, Kristian Hald <kri...@ha...> wrote:
> Hey,
> I'm having some problems with blocking some connections to specific
> p2p ports. I have added the following rules in the firewall.
> /sbin/iptables -A CUSTOMFORWARD -p tcp -i $GREEN_DEV --dport 4662 -j DROP
> /sbin/iptables -A CUSTOMFORWARD -p tcp -i $GREEN_DEV --sport 4662 -j DROP
>
> However via the connections scheme and via Snort I can see that the
> firewall still allows connections to this port.
> ESTABLISHED 10.0.1.229:4022 82.49.202.38:4662 82.49.202.38:4662 62.79.111.222:4022
<snip>

G'day Kristian,

What does iptables -L tell you about the CUSTOMFORWARD chain?

--
Regards
Ken

When faced without a challenge, make one.