- I'm unable to get IPTABLES to forward port 143. When I telnet directly: "telnet 192.168.1.7 143", it works. If I telnet through my firewall: "telnet 192.168.1.1", I get "Unable to connect to remote host".
- I'm sure it's not forwarded because on ...7 "tcpdump -i any tcp port 143 -n" doesn't report anything. Is it possible to see what I'm doing wrong?
- # This is the IPTABLES on my firewall with INET address 77.40.215.18
- root@kanin:~# iptables -L -n
- Chain INPUT (policy DROP)
- target prot opt source destination
- ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
- bad_packets all -- 0.0.0.0/0 0.0.0.0/0
- ACCEPT tcp -- 0.0.0.0/0 77.40.215.18 tcp dpt:81
- ACCEPT tcp -- 0.0.0.0/0 77.40.215.18 tcp dpt:3142
- ACCEPT tcp -- 0.0.0.0/0 77.40.215.18 tcp dpt:22
- ACCEPT tcp -- 0.0.0.0/0 77.40.215.18 tcp dpt:80
- ACCEPT tcp -- 0.0.0.0/0 77.40.215.18 tcp dpt:143
- DROP all -- 0.0.0.0/0 224.0.0.1
- ACCEPT all -- 192.168.1.0/24 0.0.0.0/0
- ACCEPT all -- 0.0.0.0/0 192.168.1.255
- ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
- tcp_inbound tcp -- 0.0.0.0/0 0.0.0.0/0
- udp_inbound udp -- 0.0.0.0/0 0.0.0.0/0
- icmp_packets icmp -- 0.0.0.0/0 0.0.0.0/0
- ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:68 dpt:67
- ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:631 dpt:631
- DROP all -- 0.0.0.0/0 0.0.0.0/0 PKTTYPE = broadcast
- LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 3 LOG flags 0 level 4 prefix `INPUT packet died: '
- Chain FORWARD (policy DROP)
- target prot opt source destination
- bad_packets all -- 0.0.0.0/0 0.0.0.0/0
- tcp_outbound tcp -- 0.0.0.0/0 0.0.0.0/0
- udp_outbound udp -- 0.0.0.0/0 0.0.0.0/0
- ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
- ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
- ACCEPT tcp -- 0.0.0.0/0 192.168.1.4 tcp dpt:22
- ACCEPT tcp -- 0.0.0.0/0 192.168.1.4 tcp dpt:2222
- ACCEPT tcp -- 0.0.0.0/0 192.168.1.4 tcp dpt:443
- ACCEPT tcp -- 0.0.0.0/0 192.168.1.7 tcp dpt:143
- ACCEPT tcp -- 69.41.163.31 192.168.1.7 tcp dpt:22389
- LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 3 LOG flags 0 level 4 prefix `FORWARD packet died: '
- ACCEPT tcp -- 0.0.0.0/0 192.168.1.4 tcp dpt:22
- ACCEPT tcp -- 0.0.0.0/0 192.168.1.4 tcp dpt:2222
- ACCEPT tcp -- 0.0.0.0/0 192.168.1.7 tcp dpt:143
- ACCEPT tcp -- 0.0.0.0/0 192.168.1.4 tcp dpt:443
- ACCEPT tcp -- 69.41.163.31 192.168.1.7 tcp dpt:22389
- LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 3 LOG flags 0 level 4 prefix `FORWARD packet died: '
- Chain OUTPUT (policy DROP)
- target prot opt source destination
- DROP icmp -- 0.0.0.0/0 0.0.0.0/0 state INVALID
- ACCEPT all -- 127.0.0.1 0.0.0.0/0
- ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
- ACCEPT all -- 192.168.1.1 0.0.0.0/0
- ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
- ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
- LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 3 LOG flags 0 level 4 prefix `OUTPUT packet died: '
- Chain bad_packets (2 references)
- target prot opt source destination
- LOG all -- 192.168.1.0/24 0.0.0.0/0 LOG flags 0 level 4 prefix `Illegal source: '
- DROP all -- 192.168.1.0/24 0.0.0.0/0
- LOG all -- 0.0.0.0/0 0.0.0.0/0 state INVALID LOG flags 0 level 4 prefix `Invalid packet: '
- DROP all -- 0.0.0.0/0 0.0.0.0/0 state INVALID
- bad_tcp_packets tcp -- 0.0.0.0/0 0.0.0.0/0
- RETURN all -- 0.0.0.0/0 0.0.0.0/0
- Chain bad_tcp_packets (1 references)
- target prot opt source destination
- RETURN tcp -- 0.0.0.0/0 0.0.0.0/0
- LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW LOG flags 0 level 4 prefix `New not syn: '
- DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW
- LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00 LOG flags 0 level 4 prefix `Stealth scan: '
- DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
- LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F LOG flags 0 level 4 prefix `Stealth scan: '
- DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F
- LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29 LOG flags 0 level 4 prefix `Stealth scan: '
- DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29
- LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x37 LOG flags 0 level 4 prefix `Stealth scan: '
- DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x37
- LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06 LOG flags 0 level 4 prefix `Stealth scan: '
- DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
- LOG tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03 LOG flags 0 level 4 prefix `Stealth scan: '
- DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
- RETURN tcp -- 0.0.0.0/0 0.0.0.0/0
- Chain icmp_packets (1 references)
- target prot opt source destination
- LOG icmp -f 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4 prefix `ICMP Fragment: '
- DROP icmp -f 0.0.0.0/0 0.0.0.0/0
- DROP icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8
- ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11
- RETURN icmp -- 0.0.0.0/0 0.0.0.0/0
- Chain tcp_inbound (1 references)
- target prot opt source destination
- ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
- ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:143
- RETURN tcp -- 0.0.0.0/0 0.0.0.0/0
- Chain tcp_outbound (1 references)
- target prot opt source destination
- ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0
- Chain udp_inbound (1 references)
- target prot opt source destination
- DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:137
- DROP udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:138
- RETURN udp -- 0.0.0.0/0 0.0.0.0/0
- Chain udp_outbound (1 references)
- target prot opt source destination
- ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0