[Linux-Biella] R: Problema di rete IP pubblici
Marco Barbera
barbera a bilug.linux.it
Gio 11 Giu 2009 17:26:59 CEST
>>e che hai davanti, come firewall?
L'installazione su questa macchina è Debian di default praticamente...non ci sono altri firewall e non ho toccato ancora nulla. Ti posto l'output di iptables --list
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- ns4.tin.it anywhere tcp flags:!FIN,SYN,RST,ACK/SYN
ACCEPT udp -- ns4.tin.it anywhere
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere limit: avg 10/sec burst 5
DROP all -- anywhere 255.255.255.255
DROP all -- anywhere host7-223-static.28-87-b.business.telecomitalia.it
DROP all -- BASE-ADDRESS.MCAST.NET/8 anywhere
DROP all -- anywhere BASE-ADDRESS.MCAST.NET/8
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere default
DROP all -- anywhere anywhere state INVALID
LSI all -f anywhere anywhere limit: avg 10/min burst 5
INBOUND all -- anywhere anywhere
INBOUND all -- anywhere 192.168.1.136
INBOUND all -- anywhere host4-223-static.28-87-b.business.telecomitalia.it
INBOUND all -- anywhere 192.168.1.255
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Input'
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere limit: avg 10/sec burst 5
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
OUTBOUND all -- anywhere anywhere
ACCEPT tcp -- anywhere 192.168.1.0/24 state RELATED,ESTABLISHED
ACCEPT udp -- anywhere 192.168.1.0/24 state RELATED,ESTABLISHED
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Forward'
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- host4-223-static.28-87-b.business.telecomitalia.it ns4.tin.it tcp dpt:domain
ACCEPT udp -- host4-223-static.28-87-b.business.telecomitalia.it ns4.tin.it udp dpt:domain
ACCEPT all -- anywhere anywhere
DROP all -- BASE-ADDRESS.MCAST.NET/8 anywhere
DROP all -- anywhere BASE-ADDRESS.MCAST.NET/8
DROP all -- 255.255.255.255 anywhere
DROP all -- anywhere default
DROP all -- anywhere anywhere state INVALID
OUTBOUND all -- anywhere anywhere
OUTBOUND all -- anywhere anywhere
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere LOG level info prefix `Unknown Output'
Chain INBOUND (4 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:www
ACCEPT udp -- anywhere anywhere udp dpt:www
ACCEPT tcp -- 192.168.1.0/24 anywhere tcp dpts:netbios-ns:netbios-ssn
ACCEPT udp -- 192.168.1.0/24 anywhere udp dpts:netbios-ns:netbios-ssn
ACCEPT tcp -- 192.168.1.0/24 anywhere tcp dpt:microsoft-ds
ACCEPT udp -- 192.168.1.0/24 anywhere udp dpt:microsoft-ds
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT udp -- anywhere anywhere udp dpt:ssh
ACCEPT tcp -- anywhere anywhere tcp dpt:webmin
ACCEPT udp -- anywhere anywhere udp dpt:10000
ACCEPT tcp -- anywhere anywhere tcp dpt:mysql
ACCEPT udp -- anywhere anywhere udp dpt:mysql
LSI all -- anywhere anywhere
Chain LOG_FILTER (5 references)
target prot opt source destination
Chain LSI (2 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST
LOG icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP icmp -- anywhere anywhere icmp echo-request
LOG all -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix `Inbound '
DROP all -- anywhere anywhere
Chain LSO (0 references)
target prot opt source destination
LOG_FILTER all -- anywhere anywhere
LOG all -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix `Outbound '
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable
Chain OUTBOUND (3 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT all -- anywhere anywhere
--
leonardo 'LeOS' buffa
IT security consultant
pgpkey ID: 44B5D28F
human knowledge belongs to the world
------------------------------
Linux Registered User: #135079
------------------------------
_______________________________________________
Linux mailing list
Linux a ml.bilug.linux.it
http://ml.bilug.linux.it/mailman/listinfo/linux
Maggiori informazioni sulla lista
Linux