+ Responder ao Tópico



  1. #1
    Felipe_
    Visitante

    Padrão Problemas com regras de Firewall

    eae pessoal....
    é o seguinte...

    estou com as seguintes regras do firewall de meu pc particular..

    iptables -F
    iptables -A INPUT -i eth0 -p tcp -s 0.0.0.0/0 -limit 3/min
    iptables -A INPUT -i eth0 -p tcp -s 0.0.0.0/0 -limit-burst 3 -j LOG
    iptables -A INPUT -i eth0 -p tcp -s 0.0.0.0/0 -syn -j LOG
    iptables -A INPUT -s 0/0 -d 0/0 -p icmp -j DROP
    iptables -A INPUT -s 0/0 -d 0/0 -p icmp -j LOG
    iptables -A INPUT -s 0/0 -d 0/0 -p tcp -dport 20 -j DROP
    iptables -A INPUT -s 0/0 -d 0/0 -p tcp -dport 21 -j DROP
    iptables -A INPUT -s 0/0 -d 0/0 -p tcp -dport 25 -j DROP
    iptables -A INPUT -p tcp --dport 22 -j DROP
    iptables -A INPUT -p tcp --dport 22 -j LOG
    iptables -A INPUT -p tcp --dport 1024 -j ACCEPT
    iptables -A INPUT -p tcp --dport 1024 -j LOG

    mas quando dou o comando ./rc.local para carregar esse arquivo que contem as regras aparece isso :

    [[email protected] rc.d]# ./rc.local
    iptables v1.2.9: multiple -i flags not allowed
    Try `iptables -h' or 'iptables --help' for more information.
    iptables v1.2.9: multiple -i flags not allowed
    Try `iptables -h' or 'iptables --help' for more information.
    iptables v1.2.9: multiple -s flags not allowed
    Try `iptables -h' or 'iptables --help' for more information.
    iptables v1.2.9: multiple -d flags not allowed
    Try `iptables -h' or 'iptables --help' for more information.
    iptables v1.2.9: multiple -d flags not allowed
    Try `iptables -h' or 'iptables --help' for more information.
    iptables v1.2.9: multiple -d flags not allowed
    Try `iptables -h' or 'iptables --help' for more information.

    pq aparece "flags not allowed" ?????

    e quando dou o comando iptables -L -v para ver as regras vejo que estao faltando 2 regras .....

    [[email protected] rc.d]# iptables -L -v
    Chain INPUT (policy ACCEPT 16308 packets, 5242K bytes)
    pkts bytes target prot opt in out source destination
    0 0 DROP icmp -- any any anywhere anywhere
    0 0 LOG icmp -- any any anywhere anywhere LOG level warning
    0 0 DROP tcp -- any any anywhere anywhere tcp dpt:ssh
    0 0 LOG tcp -- any any anywhere anywhere tcp dpt:ssh LOG level warning
    0 0 ACCEPT tcp -- any any anywhere anywhere tcp dpt:1024
    0 0 LOG tcp -- any any anywhere anywhere tcp dpt:1024 LOG level warning

    Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
    pkts bytes target prot opt in out source destination

    Chain OUTPUT (policy ACCEPT 17042 packets, 1567K bytes)
    pkts bytes target prot opt in out source destination

    pq as primeiras nao entraram ???
    alguem poderia me ajudar ???

    Obrigado. :wink:

  2. #2

    Padrão Problemas com regras de Firewall

    coloque --limit ao inves de -limit



  3. #3
    Felipe_
    Visitante

    Padrão Problemas com regras de Firewall

    e no caso pq aparece esse "flags not allowed" ? e a letra antes.

  4. #4

    Padrão Problemas com regras de Firewall

    ops num tinha visto essa
    eh --syn e nao -syn



  5. #5
    Felipe_
    Visitante

    Padrão Problemas com regras de Firewall

    agora ta aparecendo isso:

    [[email protected] rc.d]# ./rc.local
    iptables v1.2.9: Unknown arg `--limit'
    Try `iptables -h' or 'iptables --help' for more information.
    iptables v1.2.9: Unknown arg `--limit-burst'
    Try `iptables -h' or 'iptables --help' for more information.
    iptables v1.2.9: multiple -d flags not allowed
    Try `iptables -h' or 'iptables --help' for more information.
    iptables v1.2.9: multiple -d flags not allowed
    Try `iptables -h' or 'iptables --help' for more information.
    iptables v1.2.9: multiple -d flags not allowed
    Try `iptables -h' or 'iptables --help' for more information.

  6. #6

    Padrão Problemas com regras de Firewall

    bom sao varias regras com problema....
    vai executadando uma por uma pra achar o erro



  7. #7
    Felipe_
    Visitante

    Padrão Problemas com regras de Firewall

    [email protected] rc.d]# iptables -A INPUT -i eth0 -p tcp -s 0.0.0.0/0 --limit 3/min
    iptables v1.2.9: Unknown arg `--limit'
    Try `iptables -h' or 'iptables --help' for more information.
    [[email protected] rc.d]# iptables -A INPUT -i eth0 -p tcp -s 0.0.0.0/0 -limit 3/min
    iptables v1.2.9: multiple -i flags not allowed
    Try `iptables -h' or 'iptables --help' for more information.


    [[email protected] rc.d]# iptables -A INPUT -i eth0 -p tcp -s 0.0.0.0/0 --limit-burst 3 -j LOG
    iptables v1.2.9: Unknown arg `--limit-burst'
    Try `iptables -h' or 'iptables --help' for more information.
    [[email protected] rc.d]# iptables -A INPUT -i eth0 -p tcp -s 0.0.0.0/0 -limit-burst 3 -j LOG
    iptables v1.2.9: multiple -i flags not allowed
    Try `iptables -h' or 'iptables --help' for more information.


    [[email protected] rc.d]# iptables -A INPUT -i eth0 -p tcp -s 0.0.0.0/0 --syn -j LOG
    [[email protected] rc.d]#

    [[email protected] rc.d]# iptables -A INPUT -s 0/0 -d 0/0 -p icmp -j DROP
    [[email protected] rc.d]#

    [[email protected] rc.d]# iptables -A INPUT -s 0/0 -d 0/0 -p icmp -j LOG
    [[email protected] rc.d]#

    [[email protected] rc.d]# iptables -A INPUT -s 0/0 -d 0/0 -p tcp -dport 20 -j DROP
    iptables v1.2.9: multiple -d flags not allowed
    Try `iptables -h' or 'iptables --help' for more information.

    [[email protected] rc.d]# iptables -A INPUT -s 0/0 -d 0/0 -p tcp -dport 21 -j DROP
    iptables v1.2.9: multiple -d flags not allowed
    Try `iptables -h' or 'iptables --help' for more information.

    [[email protected] rc.d]# iptables -A INPUT -s 0/0 -d 0/0 -p tcp -dport 25 -j DROP
    iptables v1.2.9: multiple -d flags not allowed
    Try `iptables -h' or 'iptables --help' for more information.

    [[email protected] rc.d]# iptables -A INPUT -p tcp --dport 22 -j LOG
    [[email protected] rc.d]#

    [[email protected] rc.d]# iptables -A INPUT -p tcp --dport 22 -j DROP
    [[email protected] rc.d]#

    [[email protected] rc.d]# iptables -A INPUT -p tcp --dport 1024 -j ACCEPT
    [[email protected] rc.d]#

    [[email protected] rc.d]# iptables -A INPUT -p tcp --dport 1024 -j LOG
    [[email protected] rc.d]#

  8. #8

    Padrão Problemas com regras de Firewall

    [[email protected] rc.d]# iptables -A INPUT -s 0/0 -d 0/0 -p tcp -dport 20 -j DROP
    iptables v1.2.9: multiple -d flags not allowed
    Try `iptables -h' or 'iptables --help' for more information.
    [[email protected] rc.d]# iptables -A INPUT -s 0/0 -d 0/0 -p tcp -dport 21 -j DROP
    iptables v1.2.9: multiple -d flags not allowed
    Try `iptables -h' or 'iptables --help' for more information.
    [[email protected] rc.d]# iptables -A INPUT -s 0/0 -d 0/0 -p tcp -dport 25 -j DROP
    iptables v1.2.9: multiple -d flags not allowed
    Try `iptables -h' or 'iptables --help' for more information.

    eh tudo --dport ai em cima e nao -dport



  9. #9
    Felipe_
    Visitante

    Padrão Problemas com regras de Firewall

    obrigado ic3_m4n

    agora só mais uma coisa.....
    adicionei mais alguns comandos...
    quando dou o comando ./rc.local aparece isso

    iptables v1.2.9: Couldn't load match `ultiport':/lib/iptables/libipt_ultiport.so: cannot open shared object file: No such file or directory

    mas quando entro no /lib/iptables/
    esse arquivo libipt_ultiport.so esta como libipt_multiport.so
    pq ele esta lendo o nome errado ?? e ai nao consegue executar o comando....
    tem como fazer ele ler o nome certo ?

    Obrigado.

  10. #10
    Felipe_
    Visitante

    Padrão Problemas com regras de Firewall

    estou usando este comando que da aquele erro...

    iptables -A INPUT -p tcp --multiport --destination-port 135,137,138,139 -j LOG
    iptables -A INPUT -p udp --multiport --destination-port 137,138,139 -j LOG

    Existe algum outro comando alem desse para registrar as tentativas de análise nas portas padrão em redes Microsoft ??

    Obrigado. ops: