problem with firewalling unspecified ports w/ iptables
Posted: Wed Aug 19, 2009 7:04 am
yo
situation:
1. Unreal 3.2 on slackware 10 works fine, lots of fun
2. behind nat firewall, used DMZ to designate server as go to, no problems
3. require ssh from one user on the other side of the atlantic
4. unblock ssh for that specific ip address
5. realise that individuals of less than perfect character have been trying to abuse various other ports, filling up my logs very quickly
6. decide to go whitelist on ports :
7. can no longer connect to irc through dns name (i.e. through external route). when bottom "reject all" line is removed, problem vanishes
Imagined problems
1. unreal uses unspecified port/udp for connection ( identd?)
2. secure connection (port 7000?)as default? not used under normal circumstances
any other insights?
I've had this server running fine for close to four months, but security is starting to be an issue.
thanks for looking.
situation:
1. Unreal 3.2 on slackware 10 works fine, lots of fun
2. behind nat firewall, used DMZ to designate server as go to, no problems
3. require ssh from one user on the other side of the atlantic
4. unblock ssh for that specific ip address
5. realise that individuals of less than perfect character have been trying to abuse various other ports, filling up my logs very quickly
6. decide to go whitelist on ports :
Code: Select all
---- censored; whitelists interior network and foreign client ----
iptables -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport 6667 -j ACCEPT
iptables -t filter -A INPUT -p tcp --dport ssh -j DROP
iptables -t filter -A INPUT -p tcp --dport ftp -j DROP
iptables -t filter -A INPUT -p tcp -j DROPImagined problems
1. unreal uses unspecified port/udp for connection ( identd?)
2. secure connection (port 7000?)as default? not used under normal circumstances
any other insights?
I've had this server running fine for close to four months, but security is starting to be an issue.
thanks for looking.
