Condividi:        

IpTables e Guarddog

Per tutti i tuoi problemi Linux entra qui e risolvili!

Moderatori: Anthony47, gunter, zendune

IpTables e Guarddog

Postdi segugiofan » 22/03/05 00:17

Ciao.Ho configurato guarddog sulla mia distro mandrake 10.1 però,mi sono accorto che nei servizi del centro di controllo,alla voce iptables trovo la scritta fermato e selezionata la casella al boot.Nel log boot.log non appare mai che iptables si avvia mentre guarddog invece si.Ho provato a fare il test ShieldsUp e pcflank con risultati di stealth per tutte le porte che ho scansionato.Ho provato anche a cliccare su avvia per avviare iptables però non appare mai in esecuzione ma sempre fermato.E' anomalo questo oppure no?
segugiofan
Utente Senior
 
Post: 955
Iscritto il: 05/08/03 19:53

Sponsor
 

Postdi zendune » 22/03/05 00:29

No, non è anomalo: iptables fornisce le regole per netfilter, il sistema del kernel che filtra i pacchetti.
Vedi guarddog perché viene eseguito lo script generato da GuardDog che crea le regole del firewall mediante iptables.
Per vedere le regole impostate prova il comando iptables -L.
Non exercitus neque thesauri praesidia regni sunt, verum amici, quos neque armis cogere neque auro parare queas: officio et fide pariuntur
Avatar utente
zendune
Moderatore
 
Post: 1660
Iscritto il: 15/03/03 18:34
Località: Brescia

Postdi segugiofan » 22/03/05 00:59

Ho eseguito il comando iptables -L:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
logaborted tcp -- anywhere anywhere state RELATED,ESTABLISHED tcp flags:RST/RST
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
nicfilt all -- anywhere anywhere
srcfilt all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
srcfilt all -- anywhere anywhere
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
s1 all -- anywhere anywhere
Chain f0to1 (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:4662 state NEW
ACCEPT udp -- anywhere anywhere udp spts:1024:65535 dpt:4666
logdrop all -- anywhere anywhere
Chain f1to0 (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:http state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:webcache state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:http-alt state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:8000 state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:8888 state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:4661 state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:4662 state NEW
ACCEPT udp -- anywhere anywhere udp spts:1024:cvsup dpt:4665
ACCEPT udp -- anywhere anywhere udp spts:1024:cvsup dpt:4666
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:ftp state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:pop3 state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:https state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:domain state NEW
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpt:smtp state NEW
ACCEPT tcp -- anywhere anywhere tcp spts:1024:cvsup dpts:6660:6669 state NEW
logdrop all -- anywhere anywhere
Chain logaborted (1 references)
target prot opt source destination
logaborted2 all -- anywhere anywhere limit: avg 1/sec burst 10
LOG all -- anywhere anywhere limit: avg 2/min burst 1 LOG level warning prefix `LIMITED '
Chain logaborted2 (1 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning tcp-sequence tcp-options ip-options prefix `ABORTED '
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
Chain logdrop (4 references)
target prot opt source destination
logdrop2 all -- anywhere anywhere limit: avg 1/sec burst 10
LOG all -- anywhere anywhere limit: avg 2/min burst 1 LOG level warning prefix `LIMITED '
DROP all -- anywhere anywhere
Chain logdrop2 (1 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning tcp-sequence tcp-options ip-options prefix `DROPPED '
DROP all -- anywhere anywhere
Chain logreject (0 references)
target prot opt source destination
logreject2 all -- anywhere anywhere limit: avg 1/sec burst 10
LOG all -- anywhere anywhere limit: avg 2/min burst 1 LOG level warning prefix `LIMITED '
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable
DROP all -- anywhere anywhere
Chain logreject2 (1 references)
target prot opt source destination
LOG all -- anywhere anywhere LOG level warning tcp-sequence tcp-options ip-options prefix `REJECTED '
REJECT tcp -- anywhere anywhere reject-with tcp-reset
REJECT udp -- anywhere anywhere reject-with icmp-port-unreachable
DROP all -- anywhere anywhere
Chain nicfilt (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
logdrop all -- anywhere anywhere
Chain s0 (1 references)
target prot opt source destination
f0to1 all -- anywhere localhost
logdrop all -- anywhere anywhere
Chain s1 (1 references)
target prot opt source destination
f1to0 all -- anywhere anywhere
Chain srcfilt (2 references)
target prot opt source destination
s0 all -- anywhere anywhere
Le regole,e ci sono,allora è tutto apposto?
segugiofan
Utente Senior
 
Post: 955
Iscritto il: 05/08/03 19:53

Postdi zendune » 22/03/05 15:46

Sì, le regole ci sono.
Non exercitus neque thesauri praesidia regni sunt, verum amici, quos neque armis cogere neque auro parare queas: officio et fide pariuntur
Avatar utente
zendune
Moderatore
 
Post: 1660
Iscritto il: 15/03/03 18:34
Località: Brescia

Postdi segugiofan » 22/03/05 19:12

Grazie ;)
segugiofan
Utente Senior
 
Post: 955
Iscritto il: 05/08/03 19:53


Torna a Software Linux


Topic correlati a "IpTables e Guarddog":

Info su GUARDDOG
Autore: mandark
Forum: Software Linux
Risposte: 3
Kernel e Iptables[RISOLTO]
Autore: gunter
Forum: Software Linux
Risposte: 3

Chi c’è in linea

Visitano il forum: Nessuno e 25 ospiti