Hi everyone,
today I installed lenny on a new server, but I have an absurd problem:
iptables accepts all the rules of my firewall except the target ranges,
both in source and in destination.
As shown below, it accepts the command, but instead of the range entered
it systematically puts 0.0.0.0.
Any ideas?
r...@pbt:~# iptables -L -n -v
Chain INPUT (policy ACCEPT 64 packets, 4000 bytes)
 pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 36 packets, 3680 bytes)
 pkts bytes target prot opt in out source destination
r...@pbt:~# iptables -A INPUT -i eth2 -m iprange --src-range 192.168.0.100-192.168.0.120 -d 192.168.0.1 -p udp --dport 80 -m state --state NEW -j ACCEPT
r...@pbt:~# iptables -L -n -v
Chain INPUT (policy ACCEPT 8 packets, 464 bytes)
 pkts bytes target prot opt in out source destination
 0 0 ACCEPT udp -- eth2 * 0.0.0.0/0 192.168.0.1 source IP range 0.0.0.0-0.0.0.0 udp dpt:80 state NEW
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 5 packets, 648 bytes)
 pkts bytes target prot opt in out source destination
r...@pbt:~# iptables -A INPUT -i eth2 -m iprange --dst-range 192.168.0.100-192.168.0.120 -d 192.168.0.1 -p udp --dport 80 -m state --state NEW -j ACCEPT
r...@pbt:~# iptables -L -n -v
Chain INPUT (policy ACCEPT 8 packets, 464 bytes)
 pkts bytes target prot opt in out source destination
 0 0 ACCEPT udp -- eth2 * 0.0.0.0/0 192.168.0.1 source IP range 0.0.0.0-0.0.0.0 udp dpt:80 state NEW
 0 0 ACCEPT udp -- eth2 * 0.0.0.0/0 192.168.0.1 destination IP range 0.0.0.0-0.0.0.0 udp dpt:80 state NEW
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 5 packets, 648 bytes)
 pkts bytes target prot opt in out source destination
r...@pbt:~# iptables -A INPUT -i eth2 -m iprange --dst-range 192.168.0.100 -d 192.168.0.1 -p udp --dport 80 -m state --state NEW -j ACCEPT
r...@pbt:~# iptables -L -n -v
Chain INPUT (policy ACCEPT 8 packets, 464 bytes)
 pkts bytes target prot opt in out source destination
 0 0 ACCEPT udp -- eth2 * 0.0.0.0/0 192.168.0.1 source IP range 0.0.0.0-0.0.0.0 udp dpt:80 state NEW
 0 0 ACCEPT udp -- eth2 * 0.0.0.0/0 192.168.0.1 destination IP range 0.0.0.0-0.0.0.0 udp dpt:80 state NEW
 0 0 ACCEPT udp -- eth2 * 0.0.0.0/0 192.168.0.1 destination IP range 0.0.0.0-0.0.0.0 udp dpt:80 state NEW
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 5 packets, 632 bytes)
 pkts bytes target prot opt in out source destination
r...@pbt:~#
thanks to everyone anyway!
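
A read-back check for the symptom shown above, as an added example that is not part of the original post: it parses `iptables -L -n -v` text and reports whether an iprange match was stored with the range that was requested. The function names and the embedded listing (the post's output with the line wrapping undone) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): verify that iprange rules
# read back from the kernel carry the range that was requested.

# Constructed sample: the INPUT chain as listed in the post after the
# second rule was added, with the e-mail line wrapping undone.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy ACCEPT 8 packets, 464 bytes)
 pkts bytes target prot opt in out source destination
    0     0 ACCEPT udp -- eth2 * 0.0.0.0/0 192.168.0.1 source IP range 0.0.0.0-0.0.0.0 udp dpt:80 state NEW
    0     0 ACCEPT udp -- eth2 * 0.0.0.0/0 192.168.0.1 destination IP range 0.0.0.0-0.0.0.0 udp dpt:80 state NEW
EOF
}

# list_ranges: read a listing on stdin and print "<direction> <range>"
# for every "source IP range X" / "destination IP range X" match found.
list_ranges() {
    awk '{
        for (i = 1; i + 3 <= NF; i++)
            if (($i == "source" || $i == "destination") &&
                $(i + 1) == "IP" && $(i + 2) == "range")
                print $i, $(i + 3)
    }'
}

# check_range DIRECTION RANGE: succeed only if the listing on stdin has
# an iprange match of that direction with exactly that range.
check_range() {
    list_ranges | grep -qxF "$1 $2"
}

# count_zeroed: number of iprange matches listed as 0.0.0.0-0.0.0.0.
count_zeroed() {
    list_ranges | awk '$2 == "0.0.0.0-0.0.0.0" { n++ } END { print n + 0 }'
}

# Demonstration on the constructed sample. On a live host the input would
# come from:  iptables -L INPUT -n -v | check_range source <range>
if sample_listing | check_range source 192.168.0.100-192.168.0.120; then
    echo "OK: source range stored as requested"
else
    echo "MISMATCH: $(sample_listing | count_zeroed) iprange match(es) listed as 0.0.0.0-0.0.0.0"
fi
```

Running the check right after each `iptables -A` in a firewall script makes a silently altered rule fail the load instead of going unnoticed.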