Hi All,
I'm having issues with Ham/Spam filtering, as mentioned in another post, but I thought that as a temporary measure I would block the IP address they seem to be using (50.7.216.110). As you can see in the following iptables -L view, it's there, but it's not "Drop"ping like it should be doing. I'm placing it in the Firewall/Packet Filter/Filtering rules from external networks to Zentyal, which I believe is the correct place to put this rule:
Chain iexternal (1 references)
target prot opt source destination
drop all -- 50.7.216.110 anywhere state NEW
If I'm putting this in the wrong place, please let me know where I should be placing it instead, or is this a small bug?
Thanks in advance.
Gareth
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
idrop all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
inospoof all -- anywhere anywhere
iexternalmodules all -- anywhere anywhere
iexternal all -- anywhere anywhere
inoexternal all -- anywhere anywhere
imodules all -- anywhere anywhere
iintservs all -- anywhere anywhere
iglobal all -- anywhere anywhere
ACCEPT icmp !f anywhere anywhere icmp echo-request state NEW
ACCEPT icmp !f anywhere anywhere icmp echo-reply state NEW
ACCEPT icmp !f anywhere anywhere icmp destination-unreachable state NEW
ACCEPT icmp !f anywhere anywhere icmp source-quench state NEW
ACCEPT icmp !f anywhere anywhere icmp time-exceeded state NEW
ACCEPT icmp !f anywhere anywhere icmp parameter-problem state NEW
idrop all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
fdrop all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
fnospoof all -- anywhere anywhere
fredirects all -- anywhere anywhere
fmodules all -- anywhere anywhere
ffwdrules all -- anywhere anywhere
fnoexternal all -- anywhere anywhere
fdns all -- anywhere anywhere
fobjects all -- anywhere anywhere
fglobal all -- anywhere anywhere
ACCEPT icmp !f anywhere anywhere icmp echo-request state NEW
ACCEPT icmp !f anywhere anywhere icmp echo-reply state NEW
ACCEPT icmp !f anywhere anywhere icmp destination-unreachable state NEW
ACCEPT icmp !f anywhere anywhere icmp source-quench state NEW
ACCEPT icmp !f anywhere anywhere icmp time-exceeded state NEW
ACCEPT icmp !f anywhere anywhere icmp parameter-problem state NEW
fdrop all -- anywhere anywhere
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
odrop all -- anywhere anywhere state INVALID
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ointernal all -- anywhere anywhere
omodules all -- anywhere anywhere
oglobal all -- anywhere anywhere
ACCEPT icmp !f anywhere anywhere icmp echo-request state NEW
ACCEPT icmp !f anywhere anywhere icmp echo-reply state NEW
ACCEPT icmp !f anywhere anywhere icmp destination-unreachable state NEW
ACCEPT icmp !f anywhere anywhere icmp source-quench state NEW
ACCEPT icmp !f anywhere anywhere icmp time-exceeded state NEW
ACCEPT icmp !f anywhere anywhere icmp parameter-problem state NEW
odrop all -- anywhere anywhere
Chain drop (13 references)
target prot opt source destination
DROP all -- anywhere anywhere
Chain fdns (1 references)
target prot opt source destination
ACCEPT udp -- anywhere host***-***-***-***.in-addr.btopenworld.com state NEW udp dpt:domain
ACCEPT tcp -- anywhere host***-***-***-***.in-addr.btopenworld.com state NEW tcp dpt:domain
ACCEPT udp -- anywhere google-public-dns-a.google.com state NEW udp dpt:domain
ACCEPT tcp -- anywhere google-public-dns-a.google.com state NEW tcp dpt:domain
ACCEPT udp -- anywhere google-public-dns-b.google.com state NEW udp dpt:domain
ACCEPT tcp -- anywhere google-public-dns-b.google.com state NEW tcp dpt:domain
Chain fdrop (6 references)
target prot opt source destination
drop all -- anywhere anywhere
Chain ffwdrules (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fglobal (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3
ACCEPT all -- anywhere anywhere
Chain fmodules (1 references)
target prot opt source destination
Chain fnoexternal (1 references)
target prot opt source destination
fdrop all -- anywhere anywhere state NEW
Chain fnospoof (1 references)
target prot opt source destination
fnospoofmodules all -- anywhere anywhere
fdrop all -- 192.168.2.0/24 anywhere
fdrop all -- host***-***-***-***.in-addr.btopenworld.com/29 anywhere
Chain fnospoofmodules (1 references)
target prot opt source destination
Chain fobjects (1 references)
target prot opt source destination
Chain fredirects (1 references)
target prot opt source destination
Chain ftoexternalonly (0 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
fdrop all -- anywhere anywhere
Chain idrop (5 references)
target prot opt source destination
drop all -- anywhere anywhere
Chain iexternal (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
RETURN all -- anywhere anywhere
drop all -- 50.7.216.110 anywhere state NEW
ACCEPT udp -- anywhere anywhere udp dpt:imaps state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:imaps state NEW
ACCEPT udp -- anywhere anywhere udp dpt:submission state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:submission state NEW
ACCEPT udp -- anywhere anywhere udp dpt:https state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:https state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:http-alt state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:8443 state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:236 state NEW
drop tcp -- anywhere anywhere tcp dpt:8110 state NEW
drop tcp -- anywhere anywhere tcp dpt:submission state NEW
drop tcp -- anywhere anywhere tcp dpt:imap2 state NEW
drop tcp -- anywhere anywhere tcp dpt:pop3s state NEW
drop tcp -- anywhere anywhere tcp dpt:imaps state NEW
drop tcp -- anywhere anywhere tcp dpt:pop3 state NEW
drop tcp -- anywhere anywhere tcp dpt:4190 state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:ssmtp state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp state NEW
Chain iexternalmodules (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
RETURN all -- anywhere anywhere
Chain iglobal (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:8888 state NEW
ACCEPT udp -- anywhere anywhere udp spt:236 state NEW
ACCEPT tcp -- anywhere anywhere tcp spt:236 state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:http-alt state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:8443 state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:236 state NEW
ACCEPT udp -- anywhere anywhere udp dpt:netbios-dgm state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:netbios-dgm state NEW
ACCEPT udp -- anywhere anywhere udp dpt:microsoft-ds state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:microsoft-ds state NEW
ACCEPT udp -- anywhere anywhere udp dpt:netbios-ns state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:netbios-ns state NEW
ACCEPT udp -- anywhere anywhere udp dpt:netbios-ssn state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:netbios-ssn state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:8110 state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:submission state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:imap2 state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3s state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:imaps state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3 state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:4190 state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:ssmtp state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp-data state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:ftp state NEW
drop tcp -- anywhere anywhere tcp dpt:ldap state NEW
drop tcp -- anywhere anywhere tcp dpt:6677 state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:https state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:www state NEW
ACCEPT udp -- anywhere anywhere udp dpt:ntp state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:domain state NEW
ACCEPT udp -- anywhere anywhere udp dpt:domain state NEW
ACCEPT udp -- anywhere anywhere udp dpt:bootps state NEW
ACCEPT udp -- anywhere anywhere udp dpt:tftp state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:ssh state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:442 state NEW
Chain iintservs (1 references)
target prot opt source destination
Chain imodules (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:10024
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:8110
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:3129
DROP tcp -- anywhere anywhere state NEW tcp dpt:3128
Chain inoexternal (1 references)
target prot opt source destination
idrop all -- anywhere anywhere state NEW
Chain inointernal (0 references)
target prot opt source destination
Chain inospoof (1 references)
target prot opt source destination
inospoofmodules all -- anywhere anywhere
idrop all -- 192.168.2.0/24 anywhere
idrop all -- host217-40-232-56.in-addr.btopenworld.com/29 anywhere
Chain inospoofmodules (1 references)
target prot opt source destination
Chain log (0 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain odrop (2 references)
target prot opt source destination
drop all -- anywhere anywhere
Chain oglobal (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:pop3 state NEW
ACCEPT all -- anywhere anywhere state NEW
Chain ointernal (1 references)
target prot opt source destination
ACCEPT udp -- anywhere host***-***-***-***.in-addr.btopenworld.com state NEW udp dpt:domain
ACCEPT tcp -- anywhere host***-***-***-***.in-addr.btopenworld.com state NEW tcp dpt:domain
ACCEPT udp -- anywhere google-public-dns-a.google.com state NEW udp dpt:domain
ACCEPT tcp -- anywhere google-public-dns-a.google.com state NEW tcp dpt:domain
ACCEPT udp -- anywhere google-public-dns-b.google.com state NEW udp dpt:domain
ACCEPT tcp -- anywhere google-public-dns-b.google.com state NEW tcp dpt:domain
ACCEPT all -- anywhere anywhere state NEW
ACCEPT udp -- anywhere kif.zentyal.com state NEW udp dpt:openvpn
ACCEPT udp -- anywhere ns.cloud.zentyal.com state NEW udp dpt:domain
ACCEPT tcp -- anywhere ws1.cloud.zentyal.com state NEW tcp dpt:https
ACCEPT tcp -- anywhere ws2.cloud.zentyal.com state NEW tcp dpt:https
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:domain
ACCEPT udp -- anywhere anywhere state NEW udp dpt:domain
Chain omodules (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere tcp dpt:www
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:smtp
ACCEPT tcp -- anywhere anywhere tcp dpt:10025
ACCEPT tcp -- anywhere anywhere tcp dpt:www
ACCEPT tcp -- anywhere anywhere state NEW tcp spt:netbios-ns
ACCEPT udp -- anywhere anywhere state NEW udp spt:netbios-ns
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:netbios-ns
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-ns
ACCEPT tcp -- anywhere anywhere state NEW tcp spt:netbios-dgm
ACCEPT udp -- anywhere anywhere state NEW udp spt:netbios-dgm
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:netbios-dgm
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-dgm
ACCEPT tcp -- anywhere anywhere state NEW tcp spt:netbios-ssn
ACCEPT udp -- anywhere anywhere state NEW udp spt:netbios-ssn
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:netbios-ssn
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-ssn
ACCEPT tcp -- anywhere anywhere state NEW tcp spt:microsoft-ds
ACCEPT udp -- anywhere anywhere state NEW udp spt:microsoft-ds
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:microsoft-ds
ACCEPT udp -- anywhere anywhere state NEW udp dpt:microsoft-ds
ACCEPT tcp -- anywhere anywhere state NEW tcp spt:netbios-ns
ACCEPT udp -- anywhere anywhere state NEW udp spt:netbios-ns
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:netbios-ns
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-ns
ACCEPT tcp -- anywhere anywhere state NEW tcp spt:netbios-dgm
ACCEPT udp -- anywhere anywhere state NEW udp spt:netbios-dgm
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:netbios-dgm
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-dgm
ACCEPT tcp -- anywhere anywhere state NEW tcp spt:netbios-ssn
ACCEPT udp -- anywhere anywhere state NEW udp spt:netbios-ssn
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:netbios-ssn
ACCEPT udp -- anywhere anywhere state NEW udp dpt:netbios-ssn
ACCEPT tcp -- anywhere anywhere state NEW tcp spt:microsoft-ds
ACCEPT udp -- anywhere anywhere state NEW udp spt:microsoft-ds
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:microsoft-ds
ACCEPT udp -- anywhere anywhere state NEW udp dpt:microsoft-ds
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:www
ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
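A check that can be run against a listing like the one above, as an added example that is not part of the original post: it parses non-verbose `iptables -L` text and reports rules that sit ahead of the 50.7.216.110 rule in its chain and show no match condition. The sample listing is an excerpt constructed from the post's output, and the function names are hypothetical.

```python
import re

# Constructed sample: the start of the iexternal chain as it appears in the
# post's `iptables -L` output, with the later ACCEPT/drop rules trimmed.
LISTING = """\
Chain iexternal (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
RETURN all -- anywhere anywhere
drop all -- 50.7.216.110 anywhere state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:smtp state NEW
"""

# Targets that end traversal of the current chain for a matching packet.
TERMINAL = {"ACCEPT", "DROP", "REJECT", "RETURN"}

def parse_chains(text):
    """Return {chain_name: [rule dicts]} from non-verbose `iptables -L` text."""
    chains, current = {}, None
    for line in text.splitlines():
        head = re.match(r"Chain (\S+) \(", line)
        if head:
            current = chains.setdefault(head.group(1), [])
            continue
        fields = line.split()
        if current is None or len(fields) < 5 or fields[0] == "target":
            continue  # blank line or column header
        target, prot, _opt, src, dst = fields[:5]
        current.append({"target": target, "prot": prot, "source": src,
                        "destination": dst, "extra": " ".join(fields[5:])})
    return chains

def shadowing_rules(chains, chain, source):
    """List (position, target) of rules before the first rule for `source`
    that show no match condition and have a terminal target. In non-verbose
    output such a rule either matches every packet or carries an interface
    match that plain -L does not display."""
    found = []
    for pos, rule in enumerate(chains[chain], start=1):
        if rule["source"] == source:
            return found
        if (rule["target"] in TERMINAL and rule["prot"] == "all"
                and rule["source"] == rule["destination"] == "anywhere"
                and not rule["extra"]):
            found.append((pos, rule["target"]))
    raise ValueError(f"no rule with source {source} in chain {chain}")

if __name__ == "__main__":
    print(shadowing_rules(parse_chains(LISTING), "iexternal", "50.7.216.110"))
```

Any rule this reports is worth re-reading with `iptables -L iexternal -v -n --line-numbers`, which adds the in/out interface columns and per-rule packet counters that the plain listing leaves out.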