bugzilla-daemon at netfilter.org
2014-Sep-22 18:24 UTC
[Bug 971] New: Dropping anything with iptables and still can chat on IRC.
https://bugzilla.netfilter.org/show_bug.cgi?id=971

           Summary: Dropping anything with iptables and still can chat on IRC.
           Product: iptables
           Version: 1.4.x
          Platform: x86_64
        OS/Version: Ubuntu
            Status: NEW
          Severity: critical
          Priority: P5
         Component: iptables
        AssignedTo: netfilter-buglog at lists.netfilter.org
        ReportedBy: thorstenkfr at gmail.com
   Estimated Hours: 0.0

My iptables script is this here:

#!/bin/sh
iptables-restore <<END
# Generated by iptables-save v1.4.21 on Mon Sep 22 17:45:30 2014
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT DROP [2:441]
-A INPUT -p tcp --sport 80 -j ACCEPT
-A INPUT -p tcp --sport 443 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A INPUT -j LOG
-A OUTPUT -p tcp --dport 80 -j ACCEPT
-A OUTPUT -p tcp --dport 443 -j ACCEPT
-A OUTPUT -p udp -m udp --sport 53 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -j LOG
COMMIT
# Completed on Mon Sep 22 17:45:30 2014
END

It should block anything but http, https and domain. But I still can chat on IRC on the Linux box with these rules installed.

Looks like I have been hacked, or there is a bug.

--
Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.
bugzilla-daemon at netfilter.org
2016-Mar-10 17:32 UTC
[Bug 971] Dropping anything with iptables and still can chat on IRC.
https://bugzilla.netfilter.org/show_bug.cgi?id=971

Piyush Pangtey <gokuvsvegita at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
                 CC|                            |gokuvsvegita at gmail.com
         Resolution|---                         |FIXED
bugzilla-daemon at netfilter.org
2016-Mar-10 18:52 UTC
[Bug 971] Dropping anything with iptables and still can chat on IRC.
https://bugzilla.netfilter.org/show_bug.cgi?id=971

Pablo Neira Ayuso <pablo at netfilter.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |pablo at netfilter.org
         Resolution|FIXED                       |INVALID
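
An added example, not part of the bug report and not netfilter project code: a minimal first-match evaluator for the filter table posted above, run over constructed packets, showing which port combinations the rules as written accept. It models only -p, --sport, --dport and the chain policy; IPv6 traffic, which iptables rules do not cover (that is ip6tables), is not modeled, and the function names and sample packets are assumptions made for illustration.

```python
import shlex

# Filter-table rules as posted in the report. The two LOG rules are left out:
# LOG is non-terminating and never changes a packet's verdict.
RULESET = """\
:INPUT DROP
:OUTPUT DROP
-A INPUT -p tcp --sport 80 -j ACCEPT
-A INPUT -p tcp --sport 443 -j ACCEPT
-A INPUT -p udp -m udp --dport 53 -j ACCEPT
-A INPUT -p udp -m udp --sport 53 -j ACCEPT
-A OUTPUT -p tcp --dport 80 -j ACCEPT
-A OUTPUT -p tcp --dport 443 -j ACCEPT
-A OUTPUT -p udp -m udp --sport 53 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
"""

def parse(text):
    """Return ({chain: policy}, [(chain, {option: value})]) in rule order."""
    policies, rules = {}, []
    for line in text.splitlines():
        tok = shlex.split(line)
        if tok[0].startswith(":"):
            policies[tok[0][1:]] = tok[1]
        else:  # "-A CHAIN" followed by option/value pairs
            rules.append((tok[1], dict(zip(tok[2::2], tok[3::2]))))
    return policies, rules

POLICIES, RULES = parse(RULESET)

def verdict(chain, proto, sport, dport):
    """First matching rule wins; otherwise the chain policy applies."""
    for rule_chain, opt in RULES:
        if rule_chain != chain or opt["-p"] != proto:
            continue
        if "--sport" in opt and int(opt["--sport"]) != sport:
            continue
        if "--dport" in opt and int(opt["--dport"]) != dport:
            continue
        return opt["-j"]
    return POLICIES[chain]

# Constructed packets: (chain, protocol, source port, destination port).
SAMPLES = [
    ("OUTPUT", "tcp", 40000, 6667),  # client to a port not in the list
    ("OUTPUT", "tcp", 40000, 443),   # any TCP service on 443, not only HTTPS
    ("INPUT", "tcp", 443, 40000),    # its replies, matched by source port
    ("INPUT", "tcp", 80, 22),        # no conntrack state: source port alone
]

if __name__ == "__main__":
    for s in SAMPLES:
        print(*s, "->", verdict(*s))
```

The rules select on port numbers only, so the verdict says nothing about which application protocol is carried on an accepted port.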