Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: iptables: banned IP making it through!
Special Forums IP Networking iptables: banned IP making it through! Post 302508001 by putter1900 on Friday 25th of March 2011 11:17:42 AM
Old 03-25-2011
iptables: banned IP making it through!
Hey folks!

Debian VPS running on proxmox host.
Linux ve2 2.6.18-3-pve #1 SMP Mon Sep 20 14:57:48 CEST 2010 i686

I have a most perplexing problem. I have 17 Drop rules in place in this VPS - and one of the banned ranges is making it through. (It happens to be a Googlebot).

Here is the rule from iptables -L w/line numbers
2 DROP all -- 66.249.0.0 0.0.0.0/0

(The reason I'm blocking this is to cut down on the noise in webserver logs BTW)

When I checked logs this morning I was totally horrified to discover that several IP's from that range had been crawling the site. (Not that they shouldn't, but this meant that iptables wasn't "working"). Until yesterday no 66.249.*.* IP had been in since I deployed iptables.

How do I troubleshoot this? What could possibly be wrong? Smilie

Umm, although I'd prefer not to, nevertheless I have to scream "help" here. Smilie

TIA for any pointers, I'm completely stumped.

Regards,
putter
 

LEARN ABOUT SUNOS

iptables-apply

IPTABLES-APPLY(8)						  iptables 1.6.1						 IPTABLES-APPLY(8)

NAME

       iptables-apply - a safer way to update iptables remotely

SYNOPSIS

       iptables-apply [-hV] [-t timeout] [-w savefile] {[rulesfile]|-c [runcmd]}

DESCRIPTION

       iptables-apply  will  try  to  apply  a	new rulesfile (as output by iptables-save, read by iptables-restore) or run a command to configure
       iptables and then prompt the user whether the changes are okay. If the new iptables rules cut the existing connection, the user will not be
       able to answer affirmatively. In this case, the script rolls back to the previous working iptables rules after the timeout expires.

       Successfully applied rules can also be written to savefile and later used to roll back to this state. This can be used to implement a store
       last good configuration mechanism when experimenting with an iptables setup script:  iptables-apply  -w	/etc/network/iptables.up.rules	-c
       /etc/network/iptables.up.run

       When called as ip6tables-apply, the script will use ip6tables-save/-restore and IPv6 default values instead. Default value for rulesfile is
       '/etc/network/iptables.up.rules'.

OPTIONS

       -t seconds, --timeout seconds
	      Sets the timeout in seconds after which the script will roll back to the previous ruleset (default: 10).

       -w savefile, --write savefile
	      Specify  the  savefile  where  successfully  applied  rules  will   be   written	 to   (default	 if   empty   string   is   given:
	      /etc/network/iptables.up.rules).

       -c runcmd, --command runcmd
	      Run command runcmd to configure iptables instead of applying a rulesfile (default: /etc/network/iptables.up.run).

       -h, --help
	      Display usage information.

       -V, --version
	      Display version information.

SEE ALSO

       iptables-restore(8), iptables-save(8), iptables(8).

LEGALESE

       Original  iptables-apply  -  Copyright  2006 Martin F. Krafft <madduck@madduck.net>.  Version 1.1 - Copyright 2010 GW <gw.2010@tnode.com or
       http://gw.tnode.com/>.

       This manual page was written by Martin F. Krafft <madduck@madduck.net> and extended by GW <gw.2010@tnode.com or http://gw.tnode.com/>.

       Permission is granted to copy, distribute and/or modify this document under the terms of the Artistic License 2.0.

iptables 1.6.1															 IPTABLES-APPLY(8)
All times are GMT -4. The time now is 08:18 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy