Code:
Dec 12 21:54:00 zdici kernel: [ 7755.230085] iptables denied: IN=eth0 OUT= MAC=8e:9b:65:4e:60:9c:40:a6:77:34:67:f0:08:00 SRC=104.199.33.124 DST=139.59.154.81 LEN=912 TOS=0x00 PREC=0x00 TTL=48 ID=18552 PROTO=UDP SPT=500 DPT=500 LEN=892
Dec 12 21:54:09 zdici kernel: [ 7764.230297] iptables denied: IN=eth0 OUT= MAC=8e:9b:65:4e:60:9c:40:a6:77:34:67:f0:08:00 SRC=104.199.33.124 DST=139.59.154.81 LEN=912 TOS=0x00 PREC=0x00 TTL=48 ID=22313 PROTO=UDP SPT=500 DPT=500 LEN=892
Dec 12 21:54:00 zdici kernel: [ 7755.230085] iptables denied: IN=eth0 OUT= MAC=8e:9b:65:4e:60:9c:40:a6:77:34:67:f0:08:00 SRC=104.199.33.124 DST=139.59.154.81 LEN=912 TOS=0x00 PREC=0x00 TTL=48 ID=18552 PROTO=UDP SPT=500 DPT=500 LEN=892
Dec 12 21:54:09 zdici kernel: [ 7764.230297] iptables denied: IN=eth0 OUT= MAC=8e:9b:65:4e:60:9c:40:a6:77:34:67:f0:08:00 SRC=104.199.33.124 DST=139.59.154.81 LEN=912 TOS=0x00 PREC=0x00 TTL=48 ID=22313 PROTO=UDP SPT=500 DPT=500 LEN=892
nije mi jasno ovo iptables denied:
iptables -S izgleda ovako
Code:
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N syn_flood
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j syn_flood
-A FORWARD -j DROP
-A OUTPUT -j ACCEPT
-A syn_flood -m limit --limit 1/sec --limit-burst 3 -j RETURN
-A syn_flood -j DROP
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N syn_flood
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j syn_flood
-A FORWARD -j DROP
-A OUTPUT -j ACCEPT
-A syn_flood -m limit --limit 1/sec --limit-burst 3 -j RETURN
-A syn_flood -j DROP
IP je blokirana preko itables-a, medjutim...ne znam sta se desava. Portal ne radi 3 dana zbog SNY flood-a.
Molim za neku pomoć, savjet, sta-kako i slično. Hvala unaprijed ekipa