iptables rules keep showing up

Posted by Omriko on Ask Ubuntu See other posts from Ask Ubuntu or by Omriko
Published on 2014-06-01T15:51:11Z Indexed on 2014/06/01 15:53 UTC
Read the original article Hit count: 481

Filed under:
|
|
|
|

I just installed an ubuntu precise server, after a few weird communications issues I checked the iptables list and found:

Chain INPUT (policy DROP)

target     prot opt source               destination         
ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     tcp  --  10.0.0.0/24          anywhere             tcp spts:1024:65535 dpt:ssh state NEW
ACCEPT     icmp --  anywhere             anywhere             state NEW
ACCEPT     icmp --  anywhere             anywhere             state NEW
ACCEPT     icmp --  anywhere             anywhere             state NEW
ACCEPT     icmp --  anywhere             anywhere             state NEW
DROP       tcp  --  anywhere             anywhere             tcp dpt:10520 state NEW
DROP       udp  --  anywhere             anywhere             udp spts:1:65535 dpt:31337 state NEW
DROP       udp  --  anywhere             anywhere             udp spts:1:65535 dpt:31338 state NEW
DROP       udp  --  anywhere             anywhere             udp spts:1:65535 dpt:54320 state NEW
DROP       udp  --  anywhere             anywhere             udp spts:1:65535 dpt:54321 state NEW
DROP       tcp  --  anywhere             anywhere             tcp dpt:12345 state NEW
DROP       tcp  --  anywhere             anywhere             tcp dpt:12346 state NEW
DROP       tcp  --  anywhere             anywhere             tcp dpt:20034 state NEW
DROP       tcp  --  anywhere             anywhere             tcp dpt:16600 state NEW
DROP       tcp  --  anywhere             anywhere             tcp dpt:16660 state NEW
DROP       tcp  --  anywhere             anywhere             tcp dpt:65000 state NEW
DROP       udp  --  anywhere             anywhere             udp dpt:34555 state NEW
DROP       udp  --  anywhere             anywhere             udp dpt:35555 state NEW
DROP       udp  --  anywhere             anywhere             udp spts:netbios-ns:netbios-dgm dpts:netbios-ns:netbios-dgm state NEW
DROP       tcp  --  anywhere             anywhere             tcp spts:1024:65535 dpt:netbios-ssn state NEW
DROP       tcp  --  anywhere             anywhere             tcp spts:1024:65535 dpt:microsoft-ds state NEW
DROP       udp  --  anywhere             anywhere             udp spt:microsoft-ds dpt:microsoft-ds state NEW
DROP       udp  --  anywhere             anywhere             udp spts:1024:65535 dpt:microsoft-ds state NEW
DROP       tcp  --  anywhere             anywhere             tcp spts:1024:65535 dpt:loc-srv state NEW
DROP       tcp  --  anywhere             anywhere             tcp spts:1024:65535 dpt:5000 state NEW
DROP       tcp  --  anywhere             anywhere             tcp spts:1024:65535 dpts:1025:1029 state NEW
DROP       udp  --  anywhere             anywhere             udp spts:1:65535 dpt:loc-srv state NEW
ACCEPT     tcp  --  anywhere             anywhere             tcp spts:1024:65535 dpt:28082 state NEW
DROP       all  --  anywhere             anywhere             state NEW

Chain FORWARD (policy DROP)

target prot opt source destination

Chain OUTPUT (policy DROP)

target prot opt source destination

ACCEPT     all  --  anywhere             anywhere            
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere             tcp spts:tcpmux:65535 dpts:tcpmux:65535 state NEW
ACCEPT     udp  --  anywhere             anywhere             udp dpts:1:65535 state NEW
ACCEPT     icmp --  anywhere             anywhere             state NEW
ACCEPT     tcp  --  anywhere             anywhere             tcp spts:1024:65535 dpt:28082 state NEW
DROP       all  --  anywhere             anywhere             state NEW

I tried to wipe the rules, I disabled UFW, Ive rewritten and saved iptables rules according to this guide, but every minute or so the old rules return.... I checked crontab for scheduled tasks, there is nothing in there but still these rules appear every minute... please help!

© Ask Ubuntu or respective owner

Related posts about networking

Related posts about server