Author Topic: How to identify iptables rules  (Read 1628 times)

zzeroo

  • Zen Apprentice
  • *
  • Posts: 17
  • Karma: +0/-0
  • I don't like IT, but IT likes me.
    • View Profile
    • zzeroos blog
How to identify iptables rules
« on: June 20, 2013, 11:05:05 am »
Hello,

I've a zentyal community domain controller up an running fine (Core version 3.0.21).

The only problem current is annoying entries in the syslog (/var/log/syslog) like thes two.

Code: [Select]
Jun 20 10:48:14 domain01 kernel: [441822.530287] ebox-firewall drop IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:ff:50:c2:a1:67:02:08:00 SRC=192.168.0.115 DST=255.255.255.255 LEN=60 TOS=0x00 PREC=0x00 TTL=128 ID=47 PROTO=UDP SPT=1026 DPT=8112 LEN=40 MARK=0x1
Jun 20 10:48:18 domain01 kernel: [441826.529210] ebox-firewall drop IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:ff:50:c2:a1:67:02:08:00 SRC=192.168.0.115 DST=255.255.255.255 LEN=60 TOS=0x00 PREC=0x00 TTL=128 ID=48 PROTO=UDP SPT=1026 DPT=8112 LEN=40 MARK=0x1

Now my questions
  1. Which iptables rule is responsible for this?
  2. How can i change this (via the WebGUI allow UDP for this two IP Addresses doesn't work).   
I don't like IT, but IT likes me.

jbahillo

  • Zentyal Staff
  • Zen Hero
  • *****
  • Posts: 1444
  • Karma: +77/-2
    • View Profile
Re: How to identify iptables rules
« Reply #1 on: June 20, 2013, 11:59:50 am »
Hi there:

I think this might help you in diagnosing which rule is the culprit of such drop:

http://serverfault.com/questions/78240/debugging-rules-in-iptables

The way to fix will depend on which rule it is hitting and how you would like to redefine it


zzeroo

  • Zen Apprentice
  • *
  • Posts: 17
  • Karma: +0/-0
  • I don't like IT, but IT likes me.
    • View Profile
    • zzeroos blog
Re: How to identify iptables rules
« Reply #2 on: June 21, 2013, 12:40:17 pm »
Thank You,

For the record here some may find additional information about the theme: http://adminberlin.de/iptables-debugging/
I don't like IT, but IT likes me.