Help needed to understand Iptables white list

VitalPBX Community Support General Discussion Help needed to understand Iptables white list

  • Post
    • October 29, 2018 at 5:38 pm
    Gary
    Participant

    I am having trouble connecting to a server from a certain ip address, this address is entered into the firewall white list but no connections are allowed, when I check from the command line with iptables -L instead of having the ip address  I entered in the gui xxx.xxx.xxx.xxx it shows unallocated-static.rogers.com as white listed. not sure how this is changed from xxx.xxx.xxx.xxx to unallocated-static.rogers.com but is there away to prevent this or manually enter the address I wont.

    Other white list entry’s are working properly.

     

    0
Viewing 5 replies - 1 through 5 (of 5 total)
  • Replies
    • October 29, 2018 at 5:59 pm
    Gary
    Participant
    Up
    0
    Down

    I found using the iptables -L -n command it shows the correct ip address but I still can not connect from that address, I checked the gui Intrusion Detection ban list and it is empty.

     

    0
    • October 29, 2018 at 6:08 pm
    oromero31
    Participant
    Up
    0
    Down

    Could you to run wireshar to get a tracert? 

    0
    • October 29, 2018 at 6:18 pm
    Gary
    Participant
    Up
    0
    Down

    That will require me to be on that site to try connecting again, I can go there on Wednesday and do a capture, Thanks.

    0
    • October 29, 2018 at 6:25 pm
    Gary
    Participant
    Up
    0
    Down

    Is there away from the command line to check for banned ip”s

    0
    • October 29, 2018 at 6:34 pm
    oromero31
    Participant
    Up
    0
    Down

    Yes, you can uses this commands:

    Ver comando de fail2ban
    [root@vitalpbx ~]# man fail2ban-client

    Ver clientes baneas por ssh:
    [root@vitalpbx ~]# fail2ban-client status sshd

    Ver clientes baneas por asterisk:
    [root@vitalpbx ~]# fail2ban-client status asterisk

    Desbanear un IP
    [root@vitalpbx ~]# fail2ban-client set sshd unbanip 192.168.31.29

    Banear un IP
    [root@vitalpbx ~]# fail2ban-client set sshd banip 192.168.31.29

    Bloquear IP con el Iptables:
    iptables -I INPUT 1 -s IP -j DROP

    Desbloquear IP del Iptables:
    iptables -D INPUT -s IP -j DROP

    0
Viewing 5 replies - 1 through 5 (of 5 total)
  • You must be logged in to reply to this topic.