[plug] What was that? (firewall breached?)

Craig Ringer craig at postnewspapers.com.au
Fri May 16 09:16:26 WST 2003


>>I just had someone walk through my firewall and start an ftp session.
> 
> Ok, I think I have it figured out now. Looks like iptables failed silently 
> (bit disappointing that)

Did iptables fail silently, or was it your iptables /script/ that failed 
silently?

I've never had iptables fail without a useful error message - ever. I've 
had it do exactly what I asked it to (not what I wanted) quite a bit.

> So any good ideas on determining up-ness on iptables? or should I just re 
> init it once an hour?

iptables -L INPUT -n | less
iptables -L FORWARD -n | less
iptables -L OUTPUT -n | less

As for re-initing it... if you're on something like a dialup link or DSL 
with a dynamic IP, you should be flushing and re-initing at every 
connect. Otherwise, there should be no need unless some other program on 
your system is stuffing up your rules.

Craig
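
[Added example, not part of the original post: one way to turn the `iptables -L <chain> -n` listings above into an automated "is the ruleset actually loaded?" check. The function name `check_chain`, the expected policy `DROP`, the minimum rule count and the sample listings are assumptions constructed for illustration.]

```shell
#!/bin/sh
# check_chain EXPECTED_POLICY MIN_RULES
# Reads the output of `iptables -L <chain> -n` on stdin.
# Returns 0 only if the chain's default policy matches EXPECTED_POLICY and
# the chain holds at least MIN_RULES rules. Empty input (iptables itself
# failed) or a flushed chain returns 1.
check_chain() {
    awk -v want="$1" -v min="$2" '
        NR == 1 {
            # Header line looks like: Chain INPUT (policy DROP)
            if (match($0, /\(policy [A-Z]+/))
                policy = substr($0, RSTART + 8, RLENGTH - 8)
            next
        }
        NR == 2 { next }        # column headings
        NF > 0  { rules++ }     # each remaining non-blank line is one rule
        END { exit !(policy == want && rules + 0 >= min + 0) }
    '
}

# Constructed sample: an INPUT chain with the ruleset loaded.
sample_loaded() {
    cat <<'EOF'
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22
EOF
}

# Constructed sample: the same chain when the rules were never loaded.
sample_empty() {
    cat <<'EOF'
Chain INPUT (policy ACCEPT)
target     prot opt source               destination
EOF
}

# Demo on the constructed samples. On a live host (as root) the same check is:
#   iptables -L INPUT -n | check_chain DROP 2 || logger "INPUT chain not loaded"
for s in sample_loaded sample_empty; do
    if $s | check_chain DROP 2; then
        echo "$s: OK"
    else
        echo "$s: firewall NOT loaded as expected"
    fi
done
```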