Iptables ignoring a rule in the config file
Posted by Overdeath on Server Fault
Published on 2011-02-07T22:47:05Z
I see a lot of established connections to my Apache server from the IP 188.241.114.22, which eventually causes Apache to hang. After I restart the service everything works fine. I tried adding a rule in iptables
-A INPUT -s 188.241.114.22 -j DROP
but despite that I keep seeing connections from that IP. I'm using CentOS and I'm adding the rule like this:
iptables -A INPUT -s 188.241.114.22 -j DROP
Right after that I save it using `service iptables save`. Here is the output of `iptables -L -v`:

```
Chain INPUT (policy ACCEPT 120K packets, 16M bytes)
 pkts bytes target prot opt in   out  source                               destination
    0     0 DROP   all  --  any  any  lg01.mia02.pccwbtn.net               anywhere
    0     0 DROP   all  --  any  any  c-98-210-5-174.hsd1.ca.comcast.net   anywhere
    0     0 DROP   all  --  any  any  c-98-201-5-174.hsd1.tx.comcast.net   anywhere
    0     0 DROP   all  --  any  any  lg01.mia02.pccwbtn.net               anywhere
    0     0 DROP   all  --  any  any  www.dabacus2.com                     anywhere
    0     0 DROP   all  --  any  any  116.255.163.100                      anywhere
    0     0 DROP   all  --  any  any  94.23.119.11                         anywhere
    0     0 DROP   all  --  any  any  164.bajanet.mx                       anywhere
    0     0 DROP   all  --  any  any  173-203-71-136.static.cloud-ips.com  anywhere
    0     0 DROP   all  --  any  any  v1.oxygen.ro                         anywhere
    0     0 DROP   all  --  any  any  74.122.177.12                        anywhere
    0     0 DROP   all  --  any  any  58.83.227.150                        anywhere
    0     0 DROP   all  --  any  any  v1.oxygen.ro                         anywhere
    0     0 DROP   all  --  any  any  v1.oxygen.ro                         anywhere

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target prot opt in   out  source                               destination

Chain OUTPUT (policy ACCEPT 186K packets, 224M bytes)
 pkts bytes target prot opt in   out  source                               destination
```
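One way to check what a listing like the one in the post can and cannot confirm about a DROP rule for a given address. This is an added example, not part of the original post: the function names are hypothetical and the sample rows are an abridged copy of the INPUT chain above. It relies on the fact that `iptables -L` without `-n` prints reverse-resolved hostnames in place of addresses.

```python
import ipaddress
from collections import Counter

# Abridged copy of the INPUT chain from the post (listed without -n).
LISTING = """\
Chain INPUT (policy ACCEPT 120K packets, 16M bytes)
 pkts bytes target prot opt in out source destination
    0     0 DROP all -- any any lg01.mia02.pccwbtn.net anywhere
    0     0 DROP all -- any any 116.255.163.100 anywhere
    0     0 DROP all -- any any v1.oxygen.ro anywhere
    0     0 DROP all -- any any v1.oxygen.ro anywhere
"""

def parse_rules(listing):
    """Return one dict per rule row of `iptables -L -v` output."""
    rules, chain = [], None
    for line in listing.splitlines():
        f = line.split()
        if len(f) >= 2 and f[0] == "Chain":
            chain = f[1]
        elif len(f) >= 9 and f[0] != "pkts":  # skip the column header row
            rules.append({"chain": chain, "pkts": f[0], "target": f[2],
                          "source": f[7], "destination": f[8]})
    return rules

def is_literal_ip(text):
    """True if the source column holds an address or CIDR, not a hostname."""
    try:
        ipaddress.ip_network(text, strict=False)
        return True
    except ValueError:
        return False

def audit(listing, ip, chain="INPUT"):
    """Summarise what the listing shows about a DROP rule for ip."""
    drops = [r for r in parse_rules(listing)
             if r["chain"] == chain and r["target"] == "DROP"]
    counts = Counter(r["source"] for r in drops)
    return {
        "listed_numerically": any(r["source"] == ip for r in drops),
        # Sources printed as hostnames: the address may be behind one of them.
        "resolved_names": sorted({r["source"] for r in drops
                                  if not is_literal_ip(r["source"])}),
        "duplicates": sorted(s for s, n in counts.items() if n > 1),
        "drops_never_hit": sum(r["pkts"] == "0" for r in drops),
    }

if __name__ == "__main__":
    for key, value in audit(LISTING, "188.241.114.22").items():
        print(f"{key}: {value}")
```

Listing with `iptables -L INPUT -v -n` prints sources numerically, so the rule for a given address can be matched directly.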