iptables help - can't externally access the server

  • So a while back there were lots of attempted accesses to my server, so I got a little paranoid and locked everything down 100%. I turned off all router remote operation, installed fail2ban, set up iptables, a separate blocklist script, ssh private key logins, turned off admin/root logins, removed sudo/admin privileges from my own user account, and closed all router port forwarding. Now I'm trying to loosen the laces a bit and allow for just a couple externally open ports, but I still can't seem to get access. Was wondering if someone would be kind enough to point out the mistake :(. Thank you ^^


    iptable rules >>


    P.S. I was told on IRC that I should just get rid of iptables altogether; they said I had already done everything and iptables are overkill and not needed. True? ?(


    Dell Precision T3500
    Processor:
    Intel Core i7 960 @3.2ghz
    Memory:
    26GB RAM
    Kernel: Linux 5.10.0-0.bpo.9-amd64
    Version: 5.6.2-1 (Usul) Debian Buster [From Fresh Install of 5]

    • Official post

    I can't tell you what rule is wrong in your setup because I don't know how your network is set up.


    But start adding the rules one by one until you find the one blocking, or add a log entry to the last one and start deleting from bottom to top until you find the one. There is also a #Netfilter channel in IRC freenode, you can get better help there.

  • I can't tell you what rule is wrong in your setup because I don't know how your network is set up.


    But start adding the rules one by one until you find the one blocking, or add a log entry to the last one and start deleting from bottom to top until you find the one. There is also a #Netfilter channel in IRC freenode, you can get better help there.


    My setup is just a standard Netgear router with the server behind it, and I set 1 port to forward to Transmission to test. The forward works from inside the network, but outside it's still blocked. I thought

    Code
    -A INPUT -p tcp -m tcp --dport 9091 -j ACCEPT

    would allow inbound connections from anywhere, but it's not doing it.

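The advice above to find the one rule that blocks can be tried offline on an `iptables-save` dump before touching the live firewall. The sketch below is an added example, not code from the thread: `first_match`, `port_in` and the `SAMPLE` ruleset are hypothetical (the poster's rules are not shown on the page), and it only understands the match options listed in `MATCHERS`. It walks the chain in order and reports the first terminating rule a packet hits, which shows why an ACCEPT appended with `-A` after a catch-all REJECT or DROP is never reached.

```python
import ipaddress
import shlex

IGNORED = {"-m", "-j", "--reject-with", "--log-prefix", "--log-level"}  # not used for matching

def port_in(spec, port):
    """True if port falls in an iptables port spec: '22', '9000:9100' or '80,443'."""
    ranges = (p.partition(":") for p in spec.split(","))
    return any(int(lo) <= port <= int(hi or lo) for lo, _, hi in ranges)

MATCHERS = {  # the subset of match options this sketch understands
    "-p": lambda v, pkt: v in ("all", pkt["proto"]),
    "-i": lambda v, pkt: v == pkt["iface"],
    "-s": lambda v, pkt: ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(v, strict=False),
    "--dport": lambda v, pkt: port_in(v, pkt["dport"]),
    "--dports": lambda v, pkt: port_in(v, pkt["dport"]),
    "--state": lambda v, pkt: pkt["state"] in v.split(","),
    "--ctstate": lambda v, pkt: pkt["state"] in v.split(","),
}

def first_match(save_text, pkt, chain="INPUT"):
    """Walk one chain of iptables-save text in order; return (position, verdict, rule)."""
    policy, pos = "ACCEPT", 0
    for raw in save_text.splitlines():
        tok = shlex.split(raw)
        if tok and tok[0] == ":" + chain:
            policy = tok[1]                      # e.g. ":INPUT DROP [0:0]"
        if tok[:2] != ["-A", chain]:
            continue
        pos += 1
        opts = dict(zip(tok[2::2], tok[3::2]))
        if len(tok) % 2 or any(k not in MATCHERS and k not in IGNORED for k in opts):
            return pos, "UNSUPPORTED", raw       # negation or unknown option: stop, don't guess
        if all(MATCHERS[k](v, pkt) for k, v in opts.items() if k in MATCHERS):
            if opts.get("-j") not in (None, "LOG"):  # LOG and target-less rules do not terminate
                return pos, opts["-j"], raw      # jumps to user chains are reported, not followed
    return None, policy, "chain policy"

# Constructed ruleset (not the poster's): the 9091 ACCEPT was appended after a catch-all REJECT.
SAMPLE = """*filter
:INPUT DROP [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.168.1.0/24 -p tcp -m tcp --dport 9091 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -p tcp -m tcp --dport 9091 -j ACCEPT
COMMIT"""
WAN = {"proto": "tcp", "dport": 9091, "src": "203.0.113.7", "iface": "eth0", "state": "NEW"}
print(first_match(SAMPLE, WAN))  # the external packet stops at rule 4, before the ACCEPT
```

On the server itself, `iptables -L INPUT -n -v --line-numbers` shows the same ordering along with per-rule packet counters.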
