Iptables ignoring a rule in the config file

Posted by Overdeath on Server Fault
Published on 2011-02-07T22:47:05Z Indexed on 2011/02/07 23:27 UTC

I see a lot of established connections to my Apache server from the IP 188.241.114.22, which eventually causes Apache to hang. After I restart the service everything works fine. I tried adding a rule in iptables:

-A INPUT -s 188.241.114.22 -j DROP

but despite that I keep seeing connections from that IP. I'm using CentOS and I'm adding the rule like this:

iptables -A INPUT -s 188.241.114.22 -j DROP

Right after that I save it using:

service iptables save

Here is the output of iptables -L -v:

```
Chain INPUT (policy ACCEPT 120K packets, 16M bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       all  --  any    any     lg01.mia02.pccwbtn.net  anywhere
    0     0 DROP       all  --  any    any     c-98-210-5-174.hsd1.ca.comcast.net  anywhere
    0     0 DROP       all  --  any    any     c-98-201-5-174.hsd1.tx.comcast.net  anywhere
    0     0 DROP       all  --  any    any     lg01.mia02.pccwbtn.net  anywhere
    0     0 DROP       all  --  any    any     www.dabacus2.com     anywhere
    0     0 DROP       all  --  any    any     116.255.163.100      anywhere
    0     0 DROP       all  --  any    any     94.23.119.11         anywhere
    0     0 DROP       all  --  any    any     164.bajanet.mx       anywhere
    0     0 DROP       all  --  any    any     173-203-71-136.static.cloud-ips.com  anywhere
    0     0 DROP       all  --  any    any     v1.oxygen.ro         anywhere
    0     0 DROP       all  --  any    any     74.122.177.12        anywhere
    0     0 DROP       all  --  any    any     58.83.227.150        anywhere
    0     0 DROP       all  --  any    any     v1.oxygen.ro         anywhere
    0     0 DROP       all  --  any    any     v1.oxygen.ro         anywhere

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 186K packets, 224M bytes)
 pkts bytes target     prot opt in     out     source               destination
```
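One way to read a listing like the one in the question, as an added example that is not part of the original post: the script groups the INPUT chain's DROP rules by source, counts duplicate rules, and reports whether the pkts counter shows any of them ever matching. The function names and the embedded sample (a shortened copy of the listing) are constructed here. Because `iptables -L` without `-n` prints reverse-resolved hostnames, a literal IP may not appear in the source column at all, which `has_source` makes visible.

```shell
#!/bin/sh
# Constructed sample: a shortened copy of the INPUT chain from the listing above.
sample_listing() {
cat <<'EOF'
Chain INPUT (policy ACCEPT 120K packets, 16M bytes)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       all  --  any    any     lg01.mia02.pccwbtn.net  anywhere
    0     0 DROP       all  --  any    any     94.23.119.11         anywhere
    0     0 DROP       all  --  any    any     v1.oxygen.ro         anywhere
    0     0 DROP       all  --  any    any     v1.oxygen.ro         anywhere
    0     0 DROP       all  --  any    any     lg01.mia02.pccwbtn.net  anywhere

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
EOF
}

# audit_drops (hypothetical helper): reads `iptables -L -v` output on stdin and
# prints one line per distinct DROP source in INPUT, in first-seen order:
#   <source> rules=<number of rules> matched|never-matched
audit_drops() {
    awk '
        /^Chain / { chain = $2; next }            # remember the current chain
        chain == "INPUT" && $3 == "DROP" {
            src = $8                              # 8th column is the source
            if (!(src in rules)) order[++n] = src
            rules[src]++
            if ($1 != "0") hit[src] = 1           # pkts column: any traffic matched?
        }
        END {
            for (i = 1; i <= n; i++) {
                s = order[i]
                state = (s in hit) ? "matched" : "never-matched"
                printf "%s rules=%d %s\n", s, rules[s], state
            }
        }'
}

# has_source (hypothetical helper): exit 0 if the literal string $1 appears as
# a source in INPUT. With hostnames in the listing, rerun iptables with -n
# before concluding that an address is missing.
has_source() {
    awk -v ip="$1" '
        /^Chain / { chain = $2; next }
        chain == "INPUT" && $8 == ip { found = 1 }
        END { exit !found }'
}

sample_listing | audit_drops
```

On a live host, feed the helpers from `iptables -L -v -n` instead of the sample so sources are shown numerically.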
