DAurumДа действительно, синтаксис команд был не правильный.
Код:
# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh
ACCEPT udp -- 192.168.1.0/24 anywhere udp dpt:30006
ACCEPT tcp -- anywhere anywhere tcp dpt:30005
ACCEPT udp -- anywhere anywhere udp dpts:7070:7079
ACCEPT udp -- anywhere anywhere udp dpt:5060
ACCEPT tcp -- anywhere anywhere tcp dpt:telnet
ACCEPT tcp -- anywhere anywhere tcp dpt:www
ACCEPT all -- anywhere anywhere state RELATED,ESTAB
LISHED
ACCEPT udp -- anywhere anywhere udp dpt:500
ACCEPT esp -- anywhere anywhere
ACCEPT !esp -- anywhere anywhere MARK match 0x100000
00/0x10000000
LOG tcp -- anywhere anywhere tcp flags:SYN,RST,A
CK/SYN limit: avg 6/hour burst 5 LOG level alert prefix `Intrusion -> '
DROP all -- anywhere anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
ACCEPT tcp -- anywhere 192.168.1.4 tcp dpt:23890
ACCEPT udp -- anywhere 192.168.1.4 udp dpt:23890
ACCEPT udp -- 192.168.1.0/24 anywhere udp dpt:30006
ACCEPT tcp -- anywhere anywhere tcp dpt:30005
ACCEPT udp -- anywhere 192.168.1.10 udp dpt:6112
ACCEPT tcp -- anywhere 192.168.1.10 tcp dpt:8000
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/S
YN TCPMSS clamp to PMTU
TCPMSS tcp -- anywhere anywhere tcp flags:SYN,RST/S
YN TCPMSS clamp to PMTU
ACCEPT all -- anywhere anywhere state RELATED,ESTAB
LISHED
ACCEPT !esp -- anywhere anywhere MARK match 0x100000
00/0x10000000
LOG tcp -- anywhere anywhere tcp flags:SYN,RST,A
CK/SYN limit: avg 6/hour burst 5 LOG level alert prefix `Intrusion -> '
DROP all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DROP all -- anywhere 239.255.255.250
# iptables -L -v
Chain INPUT (policy ACCEPT 263 packets, 50898 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT tcp -- ppp_0_0_33_1 any anywhere anywhere tcp dpt:ssh
0 0 ACCEPT udp -- ppp_0_0_33_1 any 192.168.1.0/24 anywhere udp dpt:30006
0 0 ACCEPT tcp -- ppp_0_0_33_1 any anywhere anywhere tcp dpt:30005
0 0 ACCEPT udp -- ppp_0_0_33_1 any anywhere anywhere udp dpts:7070:7079
0 0 ACCEPT udp -- ppp_0_0_33_1 any anywhere anywhere udp dpt:5060
79 3373 ACCEPT tcp -- ppp_0_0_33_1 any anywhere anywhere tcp dpt:telnet
205 26233 ACCEPT tcp -- ppp_0_0_33_1 any anywhere anywhere tcp dpt:www
1 506 ACCEPT all -- ppp_0_0_33_1 any anywhere anywhere state RELATED,ESTABLISHED
0 0 ACCEPT udp -- ppp_0_0_33_1 any anywhere anywhere udp dpt:500
0 0 ACCEPT esp -- ppp_0_0_33_1 any anywhere anywhere
0 0 ACCEPT !esp -- ppp_0_0_33_1 any anywhere anywhere MARK match 0x10000000/0x10000000
7 408 LOG tcp -- ppp_0_0_33_1 any anywhere anywhere tcp flags:SYN,RST,ACK/SYN limit: avg 6/hour burst 5 LOG level alert prefix `Intrusion -> '
14 775 DROP all -- ppp_0_0_33_1 any anywhere anywhere
Chain FORWARD (policy ACCEPT 1320 packets, 150K bytes)
pkts bytes target prot opt in out source destination
4 168 ACCEPT tcp -- any any anywhere 192.168.1.4 tcp dpt:23890
107 6786 ACCEPT udp -- any any anywhere 192.168.1.4 udp dpt:23890
0 0 ACCEPT udp -- ppp_0_0_33_1 any 192.168.1.0/24 anywhere udp dpt:30006
0 0 ACCEPT tcp -- ppp_0_0_33_1 any anywhere anywhere tcp dpt:30005
0 0 ACCEPT udp -- ppp_0_0_33_1 any anywhere 192.168.1.10 udp dpt:6112
0 0 ACCEPT tcp -- ppp_0_0_33_1 any anywhere 192.168.1.10 tcp dpt:8000
244 11712 TCPMSS tcp -- any ppp_0_0_33_1 anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
216 10368 TCPMSS tcp -- ppp_0_0_33_1 any anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
897 96099 ACCEPT all -- ppp_0_0_33_1 any anywhere anywhere state RELATED,ESTABLISHED
0 0 ACCEPT !esp -- ppp_0_0_33_1 any anywhere anywhere MARK match 0x10000000/0x10000000
0 0 LOG tcp -- ppp_0_0_33_1 any anywhere anywhere tcp flags:SYN,RST,ACK/SYN limit: avg 6/hour burst 5 LOG level alert prefix `Intrusion -> '
0 0 DROP all -- ppp_0_0_33_1 any anywhere anywhere
Chain OUTPUT (policy ACCEPT 501 packets, 201K bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all -- any ppp_0_0_33_1 anywhere 239.255.255.250
# # iptables -L -v
# Chain INPUT (policy ACCEPT 263 packets, 50898 bytes)
syntax error
# pkts bytes target prot opt in out source destination
pkts: not found
# 0 0 ACCEPT tcp -- ppp_0_0_33_1 any anywhere anywhere tcp dpt:ssh
0: not found
# 0 0 ACCEPT udp -- ppp_0_0_33_1 any 192.168.1.0/24 anywhere udp dpt:30006
0: not found
# 0 0 ACCEPT tcp -- ppp_0_0_33_1 any anywhere anywhere tcp dpt:30005
0: not found
# 0 0 ACCEPT udp -- ppp_0_0_33_1 any anywhere anywhere udp dpts:7070:7079
205 26233 ACCEPT tcp -- ppp_0_0_33_1 any anywhere anywhere tcp dpt:www
0: not found
# 0 0 ACCEPT udp -- ppp_0_0_33_1 any anywhere anywhere udp dpt:5060
0 0 ACCEPT udp -- ppp_0_0_33_1 any anywhere anywhere udp dpt:500
0: not found
# 79 3373 ACCEPT tcp -- ppp_0_0_33_1 any anywhere anywhere tcp dpt:telnet
0 0 ACCEPT !esp -- ppp_0_0_33_1 any anywhere anywhere MARK match 0x10000000/0x10000000
79: not found
# 205 26233 ACCEPT tcp -- ppp_0_0_33_1 any anywhere anywhere tcp dpt:www
7 408 LOG tcp -- ppp_0_0_33_1 any anywhere anywhere tcp flags:SYN,RST,ACK/SYN limit: avg 6/hour burst 5 LOG level alert prefix `Intrusion -> '
205: not found
# 1 506 ACCEPT all -- ppp_0_0_33_1 any anywhere anywhere state RELATED,ESTABLISHED
1: not found
# 0 0 ACCEPT udp -- ppp_0_0_33_1 any anywhere anywhere udp dpt:500
0: not found
# 0 0 ACCEPT esp -- ppp_0_0_33_1 any anywhere anywhere
pkts bytes target prot opt in out source destination
0: not found
# 0 0 ACCEPT !esp -- ppp_0_0_33_1 any anywhere anywhere MARK match 0x10000000/0x10000000
107 6786 ACCEPT udp -- any any anywhere 192.168.1.4 udp dpt:23890
0: not found
# 7 408 LOG tcp -- ppp_0_0_33_1 any anywhere anywhere tcp flags:SYN,RST,ACK/SYN limit: avg 6/hour burst 5 LOG level alert prefix `Intrusion -> '
> 14 775 DROP all -- ppp_0_0_33_1 any anywhere anywhere
>
> Chain FORWARD (policy ACCEPT 1320 packets, 150K bytes)
> pkts bytes target prot opt in out source destination
> 4 168 ACCEPT tcp -- any any anywhere 192.168.1.4 tcp dpt:23890
> 107 6786 ACCEPT udp -- any any anywhere 192.168.1.4 udp dpt:23890
> 0 0 ACCEPT udp -- ppp_0_0_33_1 any 192.168.1.0/24 anywhere udp dpt:30006
> 0 0 ACCEPT tcp -- ppp_0_0_33_1 any anywhere anywhere tcp dpt:30005
> 0 0 ACCEPT udp -- ppp_0_0_33_1 any anywhere 192.168.1.10 udp dpt:6112
> 0 0 ACCEPT tcp -- ppp_0_0_33_1 any anywhere 192.168.1.10 tcp dpt:8000
> 244 11712 TCPMSS tcp -- any ppp_0_0_33_1 anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
> 216 10368 TCPMSS tcp -- ppp_0_0_33_1 any anywhere anywhere tcp flags:SYN,RST/SYN TCPMSS clamp to PMTU
> 897 96099 ACCEPT all -- ppp_0_0_33_1 any anywhere anywhere state RELATED,ESTABLISHED
> 0 0 ACCEPT !esp -- ppp_0_0_33_1 any anywhere anywhere MARK match 0x10000000/0x10000000
> 0 0 LOG tcp -- ppp_0_0_33_1 any anywhere anywhere tcp flags:SYN,RST,ACK/SYN limit: avg 6/hour burst 5 LOG level alert prefix `Intrusion -> '
> 0 0 DROP all -- ppp_0_0_33_1 any anywhere anywhere
>
> Chain OUTPUT (policy ACCEPT 501 packets, 201K bytes)
> pkts bytes target prot opt in out source destination
> 0 0 DROP all -- any ppp_0_0_33_1 anywhere 239.255.255.250
> #
Вход
Регистрация
FAQ
Поиск
