Search found 15 matches

by gwatson
2024/02/08 11:36:14
Forum: CentOS 7 - Networking Support
Topic: Two NICs one Internet
Replies: 2
Views: 935

Re: Two NICs one Internet

Thank you for the reply, jlehtone! It looks like you have the scenario correct. Your option #1 is a no-go for me, as in these instances I typically don't have access to the routers, so adding routing to them is not an option. Option 2 sounds promising as it looks like I don't need to touch the router ...
by gwatson
2024/02/07 16:47:18
Forum: CentOS 7 - Networking Support
Topic: Two NICs one Internet
Replies: 2
Views: 935

Two NICs one Internet

Hello all, I have a PBX with a CentOS OS with 2 NICs, with phones running off of 1 interface with no internet access and a 2nd interface that is connected to the local LAN with access to the internet. Phones are on PBX NIC 1 on the 10.1.1.x/24 subnet with the PBX at 10.1.1.2. Phones do not have a ga...
by gwatson
2019/05/23 10:14:25
Forum: CentOS 7 - Networking Support
Topic: Attackers getting past IPTables
Replies: 16
Views: 2853

Re: Attackers getting past IPTables

If I look at the tcpdump @TrevorH, I don't see any replies back to the offending IPs in the Destination, they only show up in the source - is this what you mean? @jlehtone, yes one would have to wonder why you would have to Accept the allowed address if you have to reject the Drop address. Is your s...
by gwatson
2019/05/23 09:44:50
Forum: CentOS 7 - Networking Support
Topic: Attackers getting past IPTables
Replies: 16
Views: 2853

Re: Attackers getting past IPTables

Sorry, I missed page 2 and didn't see replies to @billwest
by gwatson
2019/05/23 09:41:50
Forum: CentOS 7 - Networking Support
Topic: Attackers getting past IPTables
Replies: 16
Views: 2853

Re: Attackers getting past IPTables

I have that in there @billwest, are you saying I should move it?
#!/bin/bash
#
# iptables example configuration script
#
# Flush all current rules from iptables
#
iptables -F
#
# Allow SSH connections on tcp port 22
# This is essential when working on remote servers via SSH to prevent locking yourse...
by gwatson
2019/05/23 01:06:31
Forum: CentOS 7 - Networking Support
Topic: Attackers getting past IPTables
Replies: 16
Views: 2853

Re: Attackers getting past IPTables

So I shouldn't be worried about seeing that traffic? Is there a way to check on the other side of the firewall to see if anything is getting past? I would rather not have to explicitly block an address or subnet, is there a way I can block all traffic and only allow certain IP addresses or subnets? T...
by gwatson
2019/05/23 00:59:38
Forum: CentOS 7 - Networking Support
Topic: Attackers getting past IPTables
Replies: 16
Views: 2853

Re: Attackers getting past IPTables

Here's output from iptables -nvL
[root~]# iptables -nvL
Chain INPUT (policy DROP 1466 packets, 559K bytes)
pkts bytes target prot opt in out source destination
395 30566 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
633K 1735M ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
4845K 1013M ACCEPT all -- * * 0...
by gwatson
2019/05/22 11:04:58
Forum: CentOS 7 - Networking Support
Topic: Attackers getting past IPTables
Replies: 16
Views: 2853

Re: Attackers getting past IPTables

Are you able to point out where that directive is coming from, based on that script I have setting up the rules? Do I have something out of place? I don't see any accept all. The only thing before the DROP commands are
#
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
#
# S...
by gwatson
2019/05/22 02:22:41
Forum: CentOS 7 - Networking Support
Topic: Attackers getting past IPTables
Replies: 16
Views: 2853

Re: Attackers getting past IPTables

Pretty sure Firewalld is not running - it is using iptables
firewall-cmd --state
not running
[root]# iptables -L -n
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELA...
by gwatson
2019/05/21 20:59:31
Forum: CentOS 7 - Networking Support
Topic: Attackers getting past IPTables
Replies: 16
Views: 2853

Attackers getting past IPTables

Hello all, Running CentOS 7 and have IPTables set to block most inbound traffic. However, some attackers are getting past the firewall. System is a PBX running Asterisk software and port 5060 is forwarded from the hardware firewall. I want to be able to accept traffic from only a few IP Addresses (or...