
Resolved
Egress Firewall blocks all outgoing traffic but ping works. Is that normal?
Friday, September 11 2020, 01:34 PM
Responses (7)
  • Monday, September 14 2020, 09:28 AM - #Permalink
    I don't know why, but when in that mode, pings from the LAN are specifically allowed. Probably it is because when you make exceptions, you can only do it for UDP/TCP as the webconfig does not support ICMP, so a blanket exception is created.
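The blanket ICMP allowance described in that reply can be checked directly against a ruleset rather than taken on faith. The script below is an added example for this thread, not ClearOS code and not something either poster wrote; it assumes the `iptables -nvL` column layout and the LAN subnet string (`192.168.x.0/24`, with the redacted octet kept as `x`) match the FORWARD chain pasted further down in this thread, and its built-in sample input is a trimmed copy of that chain. It walks the FORWARD chain in order, stops at the LAN catch-all DROP, and reports every ACCEPT that lets LAN traffic reach any destination before that drop, separating port-based exceptions (which the webconfig can express) from the ICMP ones (which it cannot).

```python
"""Audit the FORWARD chain of `iptables -nvL` output for LAN-to-anywhere
ACCEPT rules that are evaluated ahead of the egress catch-all DROP.

Added example for this forum thread, not ClearOS code. Assumed: the LAN
subnet string and the chain layout match what was pasted in the thread.
"""
from dataclasses import dataclass, field
from typing import Dict, List

# Constructed sample: a trimmed copy of the FORWARD chain posted in this thread.
# The poster's LAN is 192.168.x.0/24 (third octet redacted in the post).
SAMPLE_FORWARD = """\
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 match-set snortsam_EGRESS dst
3144K 198M ACCEPT tcp -- * * 0.0.0.0/0 192.168.x.237 tcp dpt:80
2782K 556M ACCEPT all -- * * 192.168.x.0/24 193.201.229.19
608K 219M ACCEPT tcp -- * * 192.168.x.0/24 0.0.0.0/0 tcp dpt:6568
11M 6798M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT all -- tun+ * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT icmp -- * * 192.168.x.0/24 0.0.0.0/0 icmptype 0
38 3144 ACCEPT icmp -- * * 192.168.x.0/24 0.0.0.0/0 icmptype 8
0 0 ACCEPT icmp -- * * 192.168.x.0/24 0.0.0.0/0 icmptype 11
2740K 249M DROP all -- * * 192.168.x.0/24 0.0.0.0/0
"""

ICMP_TYPE_NAMES = {0: "echo-reply", 3: "destination-unreachable",
                   8: "echo-request", 11: "time-exceeded"}


@dataclass
class Rule:
    pkts: str
    target: str
    proto: str
    src: str
    dst: str
    opts: List[str] = field(default_factory=list)  # trailing match options


def parse_chain(text: str, chain: str) -> List[Rule]:
    """Return the rules of one chain from `iptables -nvL` output, in table order."""
    rules: List[Rule] = []
    in_chain = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("Chain "):
            in_chain = line.split()[1] == chain
            continue
        if not in_chain or not line or line.startswith("pkts "):
            continue
        f = line.split()
        # columns: pkts bytes target prot opt in out source destination [options...]
        rules.append(Rule(pkts=f[0], target=f[2], proto=f[3],
                          src=f[7], dst=f[8], opts=f[9:]))
    return rules


def egress_holes(rules: List[Rule], lan_cidr: str) -> List[Dict[str, object]]:
    """ACCEPT rules for LAN source -> any destination that sit before the LAN
    catch-all DROP. Port-based ones are exceptions the webconfig can express;
    the ICMP ones are the blanket allowance discussed in this thread."""
    holes: List[Dict[str, object]] = []
    for r in rules:
        is_catch_all = (r.target == "DROP" and r.src == lan_cidr
                        and r.dst == "0.0.0.0/0" and not r.opts)
        if is_catch_all:
            break  # nothing after this rule can match LAN egress
        if r.target != "ACCEPT" or r.src != lan_cidr or r.dst != "0.0.0.0/0":
            continue
        detail = " ".join(r.opts) or r.proto
        if r.proto == "icmp" and "icmptype" in r.opts:
            t = int(r.opts[r.opts.index("icmptype") + 1])
            detail = f"icmptype {t} ({ICMP_TYPE_NAMES.get(t, 'unknown')})"
        holes.append({"proto": r.proto, "detail": detail,
                      "hit": r.pkts != "0",  # non-zero counter: rule has matched
                      "webconfig_exception": r.proto != "icmp"})
    return holes


def audit(text: str = SAMPLE_FORWARD,
          lan_cidr: str = "192.168.x.0/24") -> List[Dict[str, object]]:
    return egress_holes(parse_chain(text, "FORWARD"), lan_cidr)


if __name__ == "__main__":
    import sys
    # Read live `iptables -nvL` output from a pipe; fall back to the sample.
    text = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_FORWARD
    for h in audit(text):
        flag = "" if h["webconfig_exception"] else "  <- not configurable in webconfig"
        print(f"{h['proto']:5} {h['detail']:32} hits={'yes' if h['hit'] else 'no'}{flag}")
```

Run it against a live box with `iptables -nvL | python3 egress_audit.py` (pass the real LAN subnet string if it differs). On the posted chain it lists one port exception (tcp dpt:6568) and three ICMP allowances, of which only type 8 (echo-request) has a non-zero counter, which is exactly the ping the original poster saw getting through. The practical caveat: outbound echo-request plus the RELATED,ESTABLISHED rule is all an ICMP tunnel needs, so a "block all outgoing" policy that leaves type 8 open is weaker than its name suggests; closing it needs a hand-written rule placed ahead of the ICMP ACCEPTs, which, as the reply above notes, the webconfig cannot generate.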
  • Monday, September 14 2020, 09:19 AM - #Permalink
    "Block all outgoing traffic - specify allowed destinations" - yes. Why does ping work to a host that is not in the list of allowed destinations?
  • Monday, September 14 2020, 08:30 AM - #Permalink
    It looks like you've changed your Egress Firewall policy to "Block all outgoing traffic - specify allowed destinations", and this is what is happening.
  • Monday, September 14 2020, 06:56 AM - #Permalink
    iptables -nvL

    Chain INPUT (policy DROP 252K packets, 14M bytes)
    pkts bytes target prot opt in out source destination
    32508 2079K REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 match-set f2b-sshd src reject-with icmp-port-unreachable
    107 6864 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 match-set f2b-sshd-ddos src reject-with icmp-port-unreachable
    0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 match-set snortsam_INGRESS src
    3440 262K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:123 state RELATED,ESTABLISHED
    107K 39M ACCEPT tcp -- * * 192.168.x.239 0.0.0.0/0 tcp dpt:81
    373 15960 DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:81
    17735 1034K DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
    0 0 REJECT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x12/0x12 state NEW reject-with tcp-reset
    51283 9767K DROP tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 state NEW
    0 0 DROP all -- enp1s0 * 127.0.0.0/8 0.0.0.0/0
    16M 14G ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
    0 0 ACCEPT all -- pptp+ * 0.0.0.0/0 0.0.0.0/0
    72 4984 ACCEPT all -- tun+ * 0.0.0.0/0 0.0.0.0/0
    12M 2770M ACCEPT all -- enp2s0 * 0.0.0.0/0 0.0.0.0/0
    0 0 ACCEPT icmp -- enp1s0 * 0.0.0.0/0 0.0.0.0/0 icmptype 0
    286 21093 ACCEPT icmp -- enp1s0 * 0.0.0.0/0 0.0.0.0/0 icmptype 3
    58782 7449K ACCEPT icmp -- enp1s0 * 0.0.0.0/0 0.0.0.0/0 icmptype 8
    4 464 ACCEPT icmp -- enp1s0 * 0.0.0.0/0 0.0.0.0/0 icmptype 11
    0 0 ACCEPT udp -- enp1s0 * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
    0 0 ACCEPT tcp -- enp1s0 * 0.0.0.0/0 0.0.0.0/0 tcp spt:67 dpt:68
    493 57846 ACCEPT udp -- * * 0.0.0.0/0 x.x.x.x udp dpt:1194
    347 19152 ACCEPT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:1194
    1612K 115M ACCEPT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:22
    0 0 ACCEPT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:81
    322K 45M ACCEPT udp -- enp1s0 * 0.0.0.0/0 0.0.0.0/0 udp dpts:1024:65535 state RELATED,ESTABLISHED
    9320K 13G ACCEPT tcp -- enp1s0 * 0.0.0.0/0 0.0.0.0/0 tcp dpts:1024:65535 state RELATED,ESTABLISHED

    Chain FORWARD (policy DROP 0 packets, 0 bytes)
    pkts bytes target prot opt in out source destination
    0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 match-set snortsam_SELF src,dst,dst
    0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 match-set snortsam_EGRESS dst
    0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 match-set snortsam_INGRESS src
    24857 1293K DROP all -- * * 192.168.x.236 0.0.0.0/0
    189K 11M DROP all -- * * 192.168.x.207 0.0.0.0/0
    20219 971K DROP all -- * * 192.168.x.49 0.0.0.0/0
    3144K 198M ACCEPT tcp -- * * 0.0.0.0/0 192.168.x.237 tcp dpt:80
    1557 169K ACCEPT tcp -- * * 0.0.0.0/0 192.168.x.237 tcp dpt:22
    3146K 292M ACCEPT tcp -- * * 0.0.0.0/0 192.168.x.238 tcp dpt:22
    6295 383K ACCEPT tcp -- * * 0.0.0.0/0 192.168.x.200 tcp dpt:37777
    2222 187K ACCEPT tcp -- * * 0.0.0.0/0 192.168.x.200 tcp dpt:80
    2782K 556M ACCEPT all -- * * 192.168.x.0/24 193.201.229.19
    23342 2832K ACCEPT all -- * * 192.168.x.0/24 89.252.104.222
    608K 219M ACCEPT tcp -- * * 192.168.x.0/24 0.0.0.0/0 tcp dpt:6568
    17952 1394K ACCEPT all -- * * 192.168.x.0/24 91.107.114.11
    18463 1500K ACCEPT all -- * * 192.168.x.0/24 91.107.114.10
    76691 56M ACCEPT all -- * * 192.168.x.0/24 193.201.229.35
    0 0 ACCEPT all -- * * 192.168.x.0/24 193.201.229.35
    11M 6798M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
    0 0 ACCEPT all -- pptp+ * 0.0.0.0/0 0.0.0.0/0
    0 0 ACCEPT all -- tun+ * 0.0.0.0/0 0.0.0.0/0
    0 0 ACCEPT icmp -- * * 192.168.x.0/24 0.0.0.0/0 icmptype 0
    38 3144 ACCEPT icmp -- * * 192.168.x.0/24 0.0.0.0/0 icmptype 8
    0 0 ACCEPT icmp -- * * 192.168.x.0/24 0.0.0.0/0 icmptype 11
    2740K 249M DROP all -- * * 192.168.x.0/24 0.0.0.0/0

    Chain OUTPUT (policy DROP 0 packets, 0 bytes)
    pkts bytes target prot opt in out source destination
    0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 match-set snortsam_SELF src,dst,dst
    0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 match-set snortsam_EGRESS dst
    16M 14G ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
    0 0 ACCEPT all -- * pptp+ 0.0.0.0/0 0.0.0.0/0
    59 7550 ACCEPT all -- * tun+ 0.0.0.0/0 0.0.0.0/0
    14M 13G ACCEPT all -- * enp2s0 0.0.0.0/0 0.0.0.0/0
    95437 11M ACCEPT icmp -- * enp1s0 0.0.0.0/0 0.0.0.0/0
    0 0 ACCEPT udp -- * enp1s0 0.0.0.0/0 0.0.0.0/0 udp spt:68 dpt:67
    0 0 ACCEPT tcp -- * enp1s0 0.0.0.0/0 0.0.0.0/0 tcp spt:68 dpt:67
    444 31992 ACCEPT udp -- * enp1s0 x.x.x.x 0.0.0.0/0 udp spt:1194
    230 12600 ACCEPT tcp -- * enp1s0 x.x.x.x 0.0.0.0/0 tcp spt:1194
    2056K 1657M ACCEPT tcp -- * enp1s0 x.x.x.x 0.0.0.0/0 tcp spt:22
    0 0 ACCEPT tcp -- * enp1s0 x.x.x.x 0.0.0.0/0 tcp spt:81
    8664K 1289M ACCEPT all -- * enp1s0 0.0.0.0/0 0.0.0.0/0

    Chain DROP-lan (0 references)
    pkts bytes target prot opt in out source destination
    0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0


    iptables -nvL -t nat

    Chain PREROUTING (policy ACCEPT 4010K packets, 341M bytes)
    pkts bytes target prot opt in out source destination
    172K 9186K DNAT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:80 to:192.168.x.237:80
    20 1036 DNAT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:9985 to:192.168.x.237:22
    94 5308 DNAT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:9986 to:192.168.x.238:22
    1217 63728 DNAT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:37777 to:192.168.x.200:37777
    362 19188 DNAT tcp -- * * 0.0.0.0/0 x.x.x.x tcp dpt:82 to:192.168.x.200:80

    Chain INPUT (policy ACCEPT 683K packets, 52M bytes)
    pkts bytes target prot opt in out source destination

    Chain OUTPUT (policy ACCEPT 918K packets, 62M bytes)
    pkts bytes target prot opt in out source destination

    Chain POSTROUTING (policy ACCEPT 495K packets, 34M bytes)
    pkts bytes target prot opt in out source destination
    0 0 ACCEPT all -- * tun+ 0.0.0.0/0 0.0.0.0/0
    17 1020 SNAT tcp -- * * 192.168.x.0/24 192.168.x.237 tcp dpt:80 to:192.168.x.1
    0 0 SNAT tcp -- * * 192.168.x.0/24 192.168.x.237 tcp dpt:22 to:192.168.x.1
    0 0 SNAT tcp -- * * 192.168.x.0/24 192.168.x.238 tcp dpt:22 to:192.168.x.1
    0 0 SNAT tcp -- * * 192.168.x.0/24 192.168.x.200 tcp dpt:37777 to:192.168.x.1
    0 0 SNAT tcp -- * * 192.168.x.0/24 192.168.x.200 tcp dpt:80 to:192.168.x.1
    604K 38M MASQUERADE all -- * enp1s0 0.0.0.0/0
  • Sunday, September 13 2020, 08:17 PM - #Permalink
    So basic networking looks OK and the firewall is not in a panic, but as an aside I hope the LAN subnet X is not 0 or 1 as they are best avoided (but not the cause of your problems).

    Can you give me your NICs:
    lspci -k | grep Eth -A 3
    If one is an RTL8111/8168/8411, please change the drivers to the r8168 with a:
    yum install kmod-r816*
    Followed by a reboot.

    What is in your firewall:
    iptables -nvL
    iptables -nvL -t nat
    Please put the results between code tags (the piece of paper icon with a <> on it).
  • Sunday, September 13 2020, 07:16 PM - #Permalink
    ● firewall.service - ClearOS Firewall Engine
    Loaded: loaded (/usr/lib/systemd/system/firewall.service; enabled; vendor preset: disabled)
    Active: active (exited) since Fri 2020-09-04 14:48:10 MSK; 1 weeks 2 days ago
    Main PID: 1076 (code=exited, status=0/SUCCESS)
    CGroup: /system.slice/firewall.service

    EXTIF="enp1s0"
    LANIF="enp2s0"
    DMZIF=""
    HOTIF=""

    enp1s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    inet XXX netmask 255.255.255.252 broadcast XXX
    --
    enp2s0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
    inet 192.168.X.1 netmask 255.255.255.0 broadcast 192.168.X.255
    --
    lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
    inet 127.0.0.1 netmask 255.0.0.0
  • Sunday, September 13 2020, 11:10 AM - #Permalink
    Definitely not normal. Is the firewall functioning properly:
    systemctl status firewall
    Do you have a config error:
    grep IF /etc/clearos/network.conf
    ifconfig | grep '^\S' -A 1