Hello...
I've got a nasty problem...
my firewall is blocking all external
requests ....dns....pop....smtp....it's blocking everything....
does anyone have a clue....HELP!!!!!!!!!!!!!!!!!!!
Do you use iptables? Post the rules here, because without them we have no way to help you.
Cheers,
Fábio Jung
input,0.0.0.0,0.0.0.0,0.0.0.0,0.0.0.0,udp,67,eth0,
input,0.0.0.0,0.0.0.0,0.0.0.0,0.0.0.0,tcp,243,eth0,
input,0.0.0.0,0.0.0.0,0.0.0.0,0.0.0.0,tcp,10002,eth0,
input,0.0.0.0,0.0.0.0,0.0.0.0,0.0.0.0,tcp,25,todas,,permite,1024:65535,0
input,0.0.0.0,0.0.0.0,0.0.0.0,0.0.0.0,tcp,110,todas,,permite,1024:65535,0
input,0.0.0.0,0.0.0.0,200.166.24.130,255.255.255.255,tcp,10001,todas,,permite,1024:65535,0
input,0.0.0.0,0.0.0.0,200.166.24.130,255.255.255.255,tcp,22,eth1,,permite,1024:65535,0
input,0.0.0.0,0.0.0.0,200.166.24.130,255.255.255.255,tcp,9090,eth1,,permite,1024:65535,0
input,0.0.0.0,0.0.0.0,0.0.0.0,0.0.0.0,tcp,10001,eth0,,permite,1024:65535,0
input,0.0.0.0,0.0.0.0,0.0.0.0,0.0.0.0,tcp,80,todas,,permite,0:65535,0
input,0.0.0.0,0.0.0.0,192.168.2.254,255.255.255.255,tcp,9090,todas,,permite,1024:65535,0
input,0.0.0.0,0.0.0.0,192.168.2.24,255.255.255.255,tcp,5800,eth1,,permite,0:65535,0
input,0.0.0.0,0.0.0.0,192.168.2.24,255.255.255.255,tcp,5900,eth1,,permite,0:65535,0
input,0.0.0.0,0.0.0.0,200.166.24.130,255.255.255.255,tcp,20,todas,on,permite,1024:65535,0
input,192.168.2.27,255.255.255.255,192.168.2.254,255.255.255.255,tcp,ssh,todas,,permite,1024:65535,0
input,0.0.0.0,0.0.0.0,192.168.2.27,255.255.255.255,tcp,5900,eth1,,permite,0:65535,0
input,0.0.0.0,0.0.0.0,192.168.2.27,255.255.255.255,tcp,5800,eth1,,permite,0:65535,0
input,192.168.2.15,255.255.255.255,192.168.2.254,255.255.255.255,tcp,22,todas,,permite,1024:65535,0
input,192.168.2.150,255.255.255.255,192.168.2.254,255.255.255.255,tcp,22,todas,,permite,1024:65535,0
input,0.0.0.0,0.0.0.0,192.168.2.100,255.255.255.255,tcp,1720,todas,,permite,1024:65535,0
input,0.0.0.0,0.0.0.0,192.168.2.100,255.255.255.255,udp,1720,todas,,permite,1024:65535,0
input,0.0.0.0,0.0.0.0,0.0.0.0,0.0.0.0,udp,53,todas,,permite,1024:65535,0
input,0.0.0.0,0.0.0.0,0.0.0.0,0.0.0.0,tcp,53,todas,,permite,1024:65535,0
Hmm, where did you get this from to use as a firewall??
I was also trying to figure out what it is and where he got it from!! lol
What is this? Where did it come from?
I, for example, just posted mine here
because I'm using FC4 and I can't manage to block MSN with these rules .. :toim:
Sorry... I sent the rule list in report form....
How do I see the rules that are being used in iptables...
Thanks....
:toim:
Here are my rules...
tcp -- anywhere oliveira tcp spt:pop3 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- oliveira anywhere tcp spts:1023:65535 dpt:pop3
ACCEPT tcp -- anywhere oliveira tcp spt:smtp dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- oliveira anywhere tcp spts:1023:65535 dpt:smtp
ACCEPT tcp -- anywhere eliane tcp spt:ftp-data dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- eliane anywhere tcp spts:1023:65535 dpt:ftp-data
ACCEPT tcp -- anywhere eliane tcp spt:ftp dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- eliane anywhere tcp spts:1023:65535 dpt:ftp
ACCEPT tcp -- anywhere eliane tcp spt:https dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- eliane anywhere tcp spts:1023:65535 dpt:https
ACCEPT udp -- anywhere eliane udp spt:4000 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT udp -- eliane anywhere udp spts:1023:65535 dpt:4000
ACCEPT tcp -- anywhere eliane tcp spt:5190 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- eliane anywhere tcp spts:1023:65535 dpt:5190
ACCEPT tcp -- anywhere eliane tcp spts:1024:65535 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- eliane anywhere tcp spts:1023:65535 dpts:1024:65535
ACCEPT udp -- anywhere eliane udp spts:1024:65535 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT udp -- eliane anywhere udp spts:1023:65535 dpts:1024:65535
ACCEPT tcp -- anywhere eliane tcp spt:pop3 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- eliane anywhere tcp spts:1023:65535 dpt:pop3
ACCEPT tcp -- anywhere eliane tcp spt:smtp dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- eliane anywhere tcp spts:1023:65535 dpt:smtp
ACCEPT tcp -- 0.0.0.0 eliane tcp spt:smtp dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- eliane 0.0.0.0 tcp spts:1023:65535 dpt:smtp
ACCEPT tcp -- 0.0.0.0 eliane tcp spt:pop3 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- eliane 0.0.0.0 tcp spts:1023:65535 dpt:pop3
ACCEPT tcp -- 0.0.0.0 andre tcp spt:smtp dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- andre 0.0.0.0 tcp spts:1023:65535 dpt:smtp
ACCEPT tcp -- 0.0.0.0 andre tcp spt:pop3 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- andre 0.0.0.0 tcp spts:1023:65535 dpt:pop3
ACCEPT tcp -- anywhere andre tcp spt:ftp-data dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- andre anywhere tcp spts:1023:65535 dpt:ftp-data
ACCEPT tcp -- anywhere andre tcp spt:ftp dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- andre anywhere tcp spts:1023:65535 dpt:ftp
ACCEPT tcp -- anywhere andre tcp spt:https dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- andre anywhere tcp spts:1023:65535 dpt:https
ACCEPT udp -- anywhere andre udp spt:4000 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT udp -- andre anywhere udp spts:1023:65535 dpt:4000
ACCEPT tcp -- anywhere andre tcp spt:5190 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- andre anywhere tcp spts:1023:65535 dpt:5190
ACCEPT tcp -- anywhere andre tcp spts:1024:65535 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- andre anywhere tcp spts:1023:65535 dpts:1024:65535
ACCEPT udp -- anywhere andre udp spts:1024:65535 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT udp -- andre anywhere udp spts:1023:65535 dpts:1024:65535
ACCEPT tcp -- anywhere andre tcp spt:pop3 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- andre anywhere tcp spts:1023:65535 dpt:pop3
ACCEPT tcp -- anywhere andre tcp spt:smtp dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- andre anywhere tcp spts:1023:65535 dpt:smtp
ACCEPT tcp -- 0.0.0.0 ana tcp spt:smtp dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- ana 0.0.0.0 tcp spts:1023:65535 dpt:smtp
ACCEPT tcp -- 0.0.0.0 ana tcp spt:pop3 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- ana 0.0.0.0 tcp spts:1023:65535 dpt:pop3
ACCEPT tcp -- anywhere ana tcp spt:ftp-data dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- ana anywhere tcp spts:1023:65535 dpt:ftp-data
ACCEPT tcp -- anywhere ana tcp spt:ftp dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- ana anywhere tcp spts:1023:65535 dpt:ftp
ACCEPT tcp -- anywhere ana tcp spt:https dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- ana anywhere tcp spts:1023:65535 dpt:https
ACCEPT udp -- anywhere ana udp spt:4000 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT udp -- ana anywhere udp spts:1023:65535 dpt:4000
ACCEPT tcp -- anywhere ana tcp spt:5190 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- ana anywhere tcp spts:1023:65535 dpt:5190
ACCEPT tcp -- anywhere ana tcp spts:1024:65535 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- ana anywhere tcp spts:1023:65535 dpts:1024:65535
ACCEPT udp -- anywhere ana udp spts:1024:65535 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT udp -- ana anywhere udp spts:1023:65535 dpts:1024:65535
ACCEPT tcp -- anywhere ana tcp spt:pop3 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- ana anywhere tcp spts:1023:65535 dpt:pop3
ACCEPT tcp -- anywhere ana tcp spt:smtp dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- ana anywhere tcp spts:1023:65535 dpt:smtp
ACCEPT tcp -- anywhere sidney tcp spt:ftp-data dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- sidney anywhere tcp spts:1023:65535 dpt:ftp-data
ACCEPT tcp -- anywhere sidney tcp spt:ftp dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- sidney anywhere tcp spts:1023:65535 dpt:ftp
ACCEPT tcp -- anywhere sidney tcp spt:https dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- sidney anywhere tcp spts:1023:65535 dpt:https
ACCEPT udp -- anywhere sidney udp spt:4000 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT udp -- sidney anywhere udp spts:1023:65535 dpt:4000
ACCEPT tcp -- anywhere sidney tcp spt:5190 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- sidney anywhere tcp spts:1023:65535 dpt:5190
ACCEPT tcp -- anywhere sidney tcp spts:1024:65535 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- sidney anywhere tcp spts:1023:65535 dpts:1024:65535
ACCEPT udp -- anywhere sidney udp spts:1024:65535 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT udp -- sidney anywhere udp spts:1023:65535 dpts:1024:65535
ACCEPT tcp -- anywhere sidney tcp spt:pop3 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- sidney anywhere tcp spts:1023:65535 dpt:pop3
ACCEPT tcp -- anywhere sidney tcp spt:smtp dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- sidney anywhere tcp spts:1023:65535 dpt:smtp
ACCEPT tcp -- 0.0.0.0 sidney tcp spt:smtp dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- sidney 0.0.0.0 tcp spts:1023:65535 dpt:smtp
ACCEPT tcp -- 0.0.0.0 sidney tcp spt:pop3 dpts:1023:65535 state RELATED,ESTABLISHED
ACCEPT tcp -- sidney 0.0.0.0 tcp spts:1023:65535 dpt:pop3
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere jasbey tcp spt:smtp dpts:1024:65535
ACCEPT tcp -- anywhere jasbey tcp spt:128 dpts:1024:65535
ACCEPT tcp -- anywhere jasbey tcp spt:smtp dpts:1024:65535
ACCEPT tcp -- anywhere jasbey tcp spt:128 dpts:1024:65535
ACCEPT tcp -- anywhere andre tcp spt:smtp dpts:1024:65535
ACCEPT tcp -- anywhere andre tcp spt:128 dpts:1024:65535
ACCEPT tcp -- anywhere crmed tcp spt:smtp dpts:1024:65535
ACCEPT tcp -- anywhere crmed tcp spt:128 dpts:1024:65535
ACCEPT tcp -- anywhere oliveira tcp spt:smtp dpts:1024:65535
ACCEPT tcp -- anywhere oliveira tcp spt:128 dpts:1024:65535
ACCEPT tcp -- anywhere eliane tcp spt:smtp dpts:1024:65535
ACCEPT tcp -- anywhere eliane tcp spt:128 dpts:1024:65535
ACCEPT tcp -- anywhere andre tcp spt:smtp dpts:1024:65535
ACCEPT tcp -- anywhere andre tcp spt:128 dpts:1024:65535
ACCEPT tcp -- anywhere ana tcp spt:smtp dpts:1024:65535
ACCEPT tcp -- anywhere ana tcp spt:128 dpts:1024:65535
ACCEPT tcp -- anywhere sidney tcp spt:smtp dpts:1024:65535
ACCEPT tcp -- anywhere sidney tcp spt:128 dpts:1024:65535
Dude, that is not your firewall SCRIPT; besides, do you only have the OUTPUT CHAIN???
WHERE ARE INPUT, FORWARD..... are they ACCEPT too, or DROP? That could be why it isn't accepting anything from outside, from the external network... I don't know, with what you posted there it's kind of hard to help...
Well, how do I see them??????????
Man, from what I can see you are learning the ropes on a production server...
Dude, if you are doing that, be careful
To see the rules already loaded, just run this command
iptables -L
:good: :good: :good:
Problem solved ....
I did a flush on the firewall and restarted the services
~}#iptables -F
Thanks..................................
...
I repeat, I had said the SCRIPT of your firewall...
nothing more to add...
Hello rootmaster...
Dude, I once saw this on a firewall I set up some time ago...
here's the thing...
in my case, there was an FTP port open... someone managed to access the port and run an exploit... that exploit did what I see there... that is, it granted access to several users (notice the names...)
ACCEPT tcp -- anywhere eliane tcp spt:5190 dpts:1023:65535 state RELATED,ESTABLISHED
that says that from anywhere the user eliane gets access over the tcp protocol in the port range 1023 to 65535...
hehe... take a careful look at the firewall scripts...
try to find security holes... there always are some!!!
Look at the logs... use nmap to discover the open ports and services...
retrace the boot steps... make sure that at boot it loads your original script...
that's it... you can never be too careful... Linux firewalls are very good, robust and secure... but they must be configured carefully and with a good dose of security paranoia...
Cheers,
Mauzão
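One way to act on the advice in the post above (check that the firewall is really running your original script, and spot rules you did not write), given here as an added example that is not part of the thread: diff an `iptables-save` dump of the running ruleset against a stored known-good dump. The function names and both sample dumps are constructed for illustration.

```shell
# Added example (not from the thread): compare running rules to a known-good baseline.

# Drop comments, blank lines and packet/byte counters so dumps compare cleanly.
normalize_ruleset() {
    sed -E -e '/^#/d' -e '/^$/d' \
           -e 's/^\[[0-9]+:[0-9]+\] //' -e 's/ \[[0-9]+:[0-9]+\]$//'
}

# Print "CHAIN POLICY" for each built-in chain (lines like ":INPUT DROP [0:0]").
chain_policies() {
    normalize_ruleset < "$1" | sed -n -E 's/^:([A-Z]+) ([A-Z]+)$/\1 \2/p'
}

# Print every line of the running dump ($2) that the baseline ($1) lacks.
unexpected_rules() {
    base=$(mktemp) && live=$(mktemp) || return 2
    normalize_ruleset < "$1" > "$base"
    normalize_ruleset < "$2" > "$live"
    { diff "$base" "$live" || true; } | sed -n 's/^> //p'
    rm -f "$base" "$live"
}

sample_baseline() { cat <<'EOF'
# Generated by iptables-save (constructed sample)
*filter
:INPUT DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.168.2.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}
sample_running() { cat <<'EOF'
*filter
:INPUT ACCEPT [812:90431]
:OUTPUT ACCEPT [40:2210]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.168.2.0/24 -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
COMMIT
EOF
}

# Demo: on a real host, "$work/running" would come from `iptables-save` (as root).
work=$(mktemp -d)
sample_baseline > "$work/baseline"; sample_running > "$work/running"
echo "Policies now:";    chain_policies "$work/running"
echo "Not in baseline:"; unexpected_rules "$work/baseline" "$work/running"
rm -rf "$work"
```

Unlike the `iptables -L` listing pasted earlier in the thread, an `iptables-save` dump always includes each chain's default policy, so a policy change shows up in the diff alongside added rules.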
Thanks, Mauzão.......
you can never be too careful with a firewall...
thanks for the help....