Firewall scripts

Sharing an Internet connection with firewall and proxy.
inne
Posts: 3273
Registered: 29.06.2013 17:32:10
License of own posts: GNU General Public License
Contact details:

Re: Firewall scripts

Post by inne » 16.06.2014 17:30:34

Mululu wrote: Do you perhaps know a very good HowTo in which IPTABLES is explained well?

I don't want to take a script from others, because I don't learn much that way. I want to understand IPTABLES and not just use it.
I found this one quite good: http://www.oreilly.de/catalog/lnxiptablesprger/

IPTABLES is also explained in the Kofler. With an actually quite good example to have as a basis, I think.

Mululu
Posts: 35
Registered: 08.10.2013 18:17:41

Re: Firewall scripts

Post by Mululu » 16.06.2014 17:31:59

Thanks already. I'll have a look at it ;)

dirk11
Posts: 2811
Registered: 02.07.2013 11:47:01

Re: Firewall scripts

Post by dirk11 » 16.06.2014 19:19:46

inne wrote: I found this one quite good: http://www.oreilly.de/catalog/lnxiptablesprger/
"Printed edition no longer available".

inne
Posts: 3273
Registered: 29.06.2013 17:32:10
License of own posts: GNU General Public License
Contact details:

Re: Firewall scripts

Post by inne » 16.06.2014 19:24:16

Not even on Amazon as a new item any more... But you can still get it used.

nuhll
Posts: 17
Registered: 05.07.2014 23:56:49

Re: Firewall scripts

Post by nuhll » 10.07.2014 18:16:42

Many thanks for that, I'll try it out right away, nicely documented! :THX: :THX: :THX:

Since there are obviously pros at work here: I want to route all traffic to Squid port 3268, that works so far, but now I want to route a few domains to Nginx port 80, is there a solution for that? The reason is that Nginx caches some domains better (e.g. Steam).

Edit:
Unfortunately FTP still doesn't really work. Downloading works wonderfully; on upload it starts at max speed and then slowly goes down to 0 kbs, but it writes a few KB on every attempt. I took over the script exactly, only swapped eth0-1... this is what tcpdump shows me, and I can't make anything of it at all :-)


This is what the FTP log says:

[19:32:16] [L] Verbindung herstellen zu 46.4.81.38 -> IP=46.4.81.38 PORT=999
[19:32:16] [L] Verbunden mit 46.4.81.38
[19:32:16] [L] 220 ProFTPD 1.3.3a Server (Serv-U is the FTP server that is both secure and easy to use.) [46.4.81.38]
[19:32:16] [L] USER ftp
[19:32:16] [L] 331 Password required for ftp
[19:32:16] [L] PASS (hidden)
[19:32:16] [L] 230-Welcome, archive user ftp@95-90-120-15-dynip.superkabel.de !
[19:32:16] [L] 230-
[19:32:16] [L] 230-The local time is: Thu Jul 10 19:32:18 2014
[19:32:16] [L] 230-
[19:32:16] [L] 230-This is an experimental FTP server. If you have any unusual problems,
[19:32:16] [L] 230-please report them via e-mail to <root@Debian-60-squeeze-64-minimal>.
[19:32:16] [L] 230-
[19:32:16] [L] 230 User ftp logged in
[19:32:16] [L] SYST
[19:32:16] [L] 215 UNIX Type: L8
[19:32:16] [L] FEAT
[19:32:16] [L] 211-Features:
[19:32:16] [L] LANG en-US.UTF-8*;en-US
[19:32:16] [L] MDTM
[19:32:16] [L] MFMT
[19:32:16] [L] TVFS
[19:32:16] [L] UTF8
[19:32:16] [L] MFF modify;UNIX.group;UNIX.mode;
[19:32:16] [L] MLST modify*;perm*;size*;type*;unique*;UNIX.group*;UNIX.mode*;UNIX.owner*;
[19:32:16] [L] SITE MKDIR
[19:32:16] [L] SITE RMDIR
[19:32:16] [L] SITE UTIME
[19:32:16] [L] SITE SYMLINK
[19:32:16] [L] REST STREAM
[19:32:16] [L] SIZE
[19:32:16] [L] 211 End
[19:32:16] [L] OPTS UTF8 ON
[19:32:16] [L] 200 UTF8 set to on
[19:32:16] [L] PWD
[19:32:16] [L] 257 "/ftp" is the current directory
[19:32:16] [L] CWD /ftp
[19:32:16] [L] 250 CWD command successful
[19:32:16] [L] PWD
[19:32:16] [L] 257 "/ftp" is the current directory
[19:32:16] [L] PASV
[19:32:16] [L] 227 Entering Passive Mode (46,4,81,38,204,213).
[19:32:16] [L] Datenkanal-IP öffnen: 46.4.81.38 PORT: 52437
[19:32:16] [L] MLSD
[19:32:16] [L] 150 Opening ASCII mode data connection for MLSD
[19:32:16] [L] 226 Transfer complete
[19:32:16] [L] Verzeichnis geladen: 2 KB in 0,15 Sekunde (3,0 KB/s)
[19:32:16] [L] TYPE I
[19:32:16] [L] 200 Type set to I
[19:32:16] [L] MLST Win_Enterprise_8.1_64BIT.ISO
[19:32:16] [L] 250-Start of list for Win_Enterprise_8.1_64BIT.ISO
[19:32:16] [L] 250-modify=20140710172806;perm=adfrw;size=156584;type=file;unique=903U5247FB1;UNIX.group=65534;UNIX.mode=0644;UNIX.owner=106; Win_Enterprise_8.1_64BIT.ISO
[19:32:16] [L] 250 End of list
[19:32:16] [L] PASV
[19:32:16] [L] 227 Entering Passive Mode (46,4,81,38,222,42).
[19:32:16] [L] Datenkanal-IP öffnen: 46.4.81.38 PORT: 56874
[19:32:17] [L] REST 156584
[19:32:17] [L] 350 Restarting at 156584. Send STORE or RETRIEVE to initiate transfer
[19:32:17] [L] STOR Win_Enterprise_8.1_64BIT.ISO
[19:32:17] [L] 451 Win_Enterprise_8.1_64BIT.ISO: Append/Restart not permitted, try again
[19:32:27] [L] Übertragung fehlgeschlagen: Win_Enterprise_8.1_64BIT.ISO
[19:32:27] [L] PASV
[19:32:27] [L] 227 Entering Passive Mode (46,4,81,38,234,92).
[19:32:27] [L] Datenkanal-IP öffnen: 46.4.81.38 PORT: 59996
[19:32:27] [L] MLSD
[19:32:27] [L] 150 Opening ASCII mode data connection for MLSD
[19:32:27] [L] 226 Transfer complete
[19:32:27] [L] Verzeichnis geladen: 2 KB in 0,13 Sekunde (3,0 KB/s)
[19:32:27] Übertragung von Warteschlange komplett
[19:32:27] Übertragen 0 Dateien (0 bytes) in 11 Sekunden (0,0 KB/s)
[19:32:27] 1 Datei Fehlgeschlagen
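
Added example, not part of nuhll's post: a POSIX sh/awk triage of a client log in the format above. It decodes the data port from each 227 reply (p1*256 + p2, so 204,213 gives the 52437 the client reports) and lists every 4xx/5xx final reply with the command and REST offset that preceded it. The function names, the address 192.0.2.10 and the sample log are constructed for the example.

```sh
#!/bin/sh
# Added example: triage an FTP client log in the format shown in the post above.

# Constructed sample. The address is from the documentation range (192.0.2.0/24);
# commands and reply codes follow the sequence in the log above.
sample_log() {
cat <<'EOF'
[19:32:16] [L] FEAT
[19:32:16] [L] 211-Features:
[19:32:16] [L] REST STREAM
[19:32:16] [L] SIZE
[19:32:16] [L] 211 End
[19:32:16] [L] PASV
[19:32:16] [L] 227 Entering Passive Mode (192,0,2,10,204,213).
[19:32:16] [L] MLSD
[19:32:16] [L] 150 Opening ASCII mode data connection for MLSD
[19:32:16] [L] 226 Transfer complete
[19:32:16] [L] PASV
[19:32:16] [L] 227 Entering Passive Mode (192,0,2,10,222,42).
[19:32:17] [L] REST 156584
[19:32:17] [L] 350 Restarting at 156584. Send STORE or RETRIEVE to initiate transfer
[19:32:17] [L] STOR image.iso
[19:32:17] [L] 451 image.iso: Append/Restart not permitted, try again
[19:32:27] Transfer failed: image.iso
EOF
}

# Reads a log on stdin and prints:
#   PASV host:port                        for every 227 reply (port = p1*256 + p2)
#   FAIL code command rest=N dataport=P   for every 4xx/5xx final reply
ftp_log_triage() {
  awk '
    function dataport(line,   b, n, i) {
      if (!match(line, /\([0-9]+(,[0-9]+)+\)/)) return ""
      n = split(substr(line, RSTART + 1, RLENGTH - 2), b, ",")
      if (n != 6) return ""
      for (i = 1; i <= 6; i++) if (b[i] + 0 > 255) return ""
      host = b[1] "." b[2] "." b[3] "." b[4]
      return b[5] * 256 + b[6]
    }
    BEGIN { rest = "-"; port = "-" }
    $2 != "[L]" { next }                          # client status line, not protocol
    $3 ~ /^[0-9][0-9][0-9]-/ { multi = 1; next }  # "211-..." opens a multi-line reply
    $3 ~ /^[0-9][0-9][0-9]$/ {                    # final reply line
      multi = 0
      if ($3 == "227") {
        p = dataport($0)
        if (p != "") { port = p; print "PASV " host ":" port }
      }
      if ($3 ~ /^[45]/) print "FAIL " $3 " " cmd " rest=" rest " dataport=" port
      # A transfer command that got its final answer consumes REST and the data port.
      if (cmd ~ /^(STOR|RETR|APPE)$/ && $3 !~ /^1/) { rest = "-"; port = "-" }
      next
    }
    multi { next }                                # body of a multi-line reply (FEAT list)
    $3 ~ /^[A-Z]+$/ { cmd = $3; if (cmd == "REST") rest = $4 }
  '
}

sample_log | ftp_log_triage
```

A FAIL line is an answer the server itself sent over the control connection; a data connection dropped by a packet filter typically shows up instead as a transfer that stalls after the 1xx reply.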

nuhll
Posts: 17
Registered: 05.07.2014 23:56:49

Re: Firewall scripts

Post by nuhll » 14.07.2014 19:16:14

I have already found out myself what the cause probably is.

I have started


modprobe ip_conntrack
modprobe ip_conntrack_ftp
modprobe ip_nat_ftp

via iptables rule.

I have additionally created the following files in this folder:
root@debian-server:~# vi /etc/modprobe.d/
fbdev-blacklist.conf ip_conntrack.conf ip_nat_ftp.conf ip_conntrack_ftp.conf

Content:
options [name modul] ports=21,999
Unfortunately that doesn't seem to work; of course there is also NO information whatsoever on the net, I can't believe it at all, and then the Linux community wonders why some people curse Linux!?

Where and how can I pass these options in Debian Wheezy?! I found the tip about modprobe.d in some thread, but that was about Ubuntu..

kernel.log says the following about the matter:
Jul 14 19:20:23 debian-server kernel: [ 10.557524] nf_conntrack version 0.5.0 (16384 buckets, 65536 max)
Jul 14 19:20:23 debian-server kernel: [ 10.683280] nf_nat_ftp: kernel >= 2.6.10 only uses 'ports' for conntrack modules

zwiebelchen
Posts: 138
Registered: 31.03.2011 12:51:42

Re: Firewall scripts

Post by zwiebelchen » 22.07.2014 17:56:03

Try this in the firewall script

Code:

modprobe ip_conntrack_ftp ports=21,999

Debian 7 Wheezy with Gnome 3 on Xeon 1230V2, Asus P8H77, 16 GB DDR3, 120 GB Samsung 830 SSD, Gigabyte GTX 660

andreathome
Posts: 24
Registered: 21.07.2015 10:50:55

Re: Firewall scripts

Post by andreathome » 30.07.2015 00:06:46

I have been happy with http://goodworkaround.com/node/32 on my WebDAV server for 3 years.
Below is the original. Replace ACCEPT with DROP where necessary,
which I have also done myself; only 443 is open for WebDAV.., the rest is set to DROP or is "commented out" with #.
I have left the text without #, the original, here as an example.

/etc/iptables_secure.sh

Code:

#!/bin/sh

IPT="/sbin/iptables"

# Flush old rules, old custom tables
$IPT --flush
$IPT --delete-chain

# Set default policies for all three default chains
$IPT -P INPUT DROP
$IPT -P FORWARD DROP
$IPT -P OUTPUT ACCEPT

# Enable free use of loopback interfaces
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A OUTPUT -o lo -j ACCEPT

# All TCP sessions should begin with SYN
# $IPT -A INPUT -p tcp ! --syn -m state --state NEW -s 0.0.0.0/0 -j DROP

# Accept established connections
$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

echo "Opening CARP"
$IPT -A INPUT --protocol 112 -j ACCEPT

# Brute force
# Limit the number of ssh connections to 6 per minute
$IPT -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --set --name SSH
$IPT -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 6 --rttl --name SSH -j DROP

# Limit the number of ftp connections to 10 per minute
# $IPT -A INPUT -i eth0 -p tcp --dport 21 -m state --state NEW -m recent --set --name FTP
# $IPT -A INPUT -i eth0 -p tcp --dport 21 -m state --state NEW -m recent --update --seconds 60 --hitcount 10 --rttl --name FTP -j DROP

echo "Opening FTP"
$IPT -A INPUT -p tcp --dport 20 -m state --state NEW -j ACCEPT
$IPT -A INPUT -p tcp --dport 21 -m state --state NEW -j ACCEPT
$IPT -A INPUT -p tcp --sport 1024: --dport 1024:  -m state --state ESTABLISHED -j ACCEPT
$IPT -A OUTPUT -p tcp --sport 1024: --dport 1024:  -m state --state ESTABLISHED,RELATED -j ACCEPT


echo "Opening HTTP(S)"
$IPT -A INPUT -p tcp --dport 80 -m state --state NEW -j ACCEPT 
$IPT -A INPUT -p tcp --dport 443 -m state --state NEW -j ACCEPT

echo "Opening SSH"
$IPT -A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT

echo "Opening MySQL"
$IPT -A INPUT -p tcp --dport 3306 -m state --state NEW -j ACCEPT

echo "Opening port 7777 - ocfs2"
$IPT -A INPUT -p tcp --dport 7777 -m state --state NEW -j ACCEPT
$IPT -A INPUT -p udp --dport 7777 -j ACCEPT

echo "Opening NTP"
$IPT -A INPUT -p udp --dport 123 -j ACCEPT
$IPT -A INPUT -p tcp --dport 123 -m state --state NEW -j ACCEPT

# echo "Opening all from same subnet"
# $IPT -A INPUT -p tcp -s 192.168.1.0/24 -m state --state NEW -j ACCEPT

# Accept inbound ICMP messages
echo "Opening ping and traceroute"
$IPT -A INPUT -p ICMP --icmp-type 8 -s 0.0.0.0/0 -j ACCEPT
$IPT -A INPUT -p ICMP --icmp-type 11 -s 0.0.0.0/0 -j ACCEPT

/etc/iptables_open.sh

Code:

#!/bin/sh
echo "Opening firewall"
IPT="/sbin/iptables"

# Flush old rules, old custom tables
$IPT --flush
$IPT --delete-chain

# Set default policies for all three default chains
$IPT -P INPUT ACCEPT
$IPT -P FORWARD ACCEPT
$IPT -P OUTPUT ACCEPT

# Enable free use of loopback interfaces
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A OUTPUT -o lo -j ACCEPT

/etc/init.d/firewall

Code:

#! /bin/sh
### BEGIN INIT INFO
# Provides:          firewall
# Required-Start:     $portmap
# Required-Stop:     
# Should-Start:      udev-mtab
# Default-Start:     2
# Default-Stop:      0 6
# Short-Description: 
# Description:       
### END INIT INFO

. /lib/init/vars.sh
. /lib/lsb/init-functions

case "$1" in
    start)
        # Load the restrictive rule set (listed above as /etc/iptables_secure.sh)
        sh /etc/iptables_secure.sh
        ;;
    restart|reload|force-reload)
        echo "Error: argument '$1' not supported" >&2
        exit 3
        ;;
    stop)
        sh /etc/iptables_open.sh
        ;;
    *)
        echo "Usage: $0 start|stop" >&2
        exit 3
        ;;
esac

To make the firewall active:

Code:

chmod +x /etc/init.d/firewall

Start:

Code:

/etc/init.d/firewall start

Stop:

Code:

/etc/init.d/firewall stop

Start the firewall automatically at boot:

Code:

update-rc.d firewall defaults
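
Added example, not part of andreathome's post or of the original script at goodworkaround.com: after commenting rules in and out by hand, a check like this lists what a script in this style still opens to new inbound connections and compares it with what is meant to be reachable (the post names 443 for WebDAV). The function names and the sample rules are constructed for the example; rules restricted by source address (-s) or matching only ESTABLISHED traffic are not counted as open.

```sh
#!/bin/sh
# Added example: list the ports an iptables shell script opens to new inbound connections.

# Constructed excerpt in the style of the script above, edited the way the post
# describes (unwanted ACCEPT rules commented out with #), with two rules left in.
sample_rules() {
cat <<'EOF'
$IPT -P INPUT DROP
$IPT -A INPUT -i lo -j ACCEPT
$IPT -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$IPT -A INPUT -i eth0 -p tcp --dport 22 -m state --state NEW -m recent --update --seconds 60 --hitcount 6 --rttl --name SSH -j DROP
# $IPT -A INPUT -p tcp --dport 21 -m state --state NEW -j ACCEPT
$IPT -A INPUT -p tcp --sport 1024: --dport 1024:  -m state --state ESTABLISHED -j ACCEPT
$IPT -A INPUT -p tcp --dport 443 -m state --state NEW -j ACCEPT
$IPT -A INPUT -p tcp --dport 3306 -m state --state NEW -j ACCEPT
$IPT -A INPUT -p udp --dport 7777 -j ACCEPT
$IPT -A INPUT -p tcp -s 192.168.1.0/24 --dport 8080 -m state --state NEW -j ACCEPT
EOF
}

# Prints the default policy the script sets for INPUT (empty line if it sets none).
input_policy() {
  awk '!/^[ \t]*#/ { for (i = 1; i < NF; i++) if ($i == "-P" && $(i+1) == "INPUT") p = $(i+2) }
       END { print p }'
}

# Prints proto/port for every active INPUT rule that ACCEPTs new connections from any source.
open_ports() {
  awk '
    /^[ \t]*#/ { next }                            # commented-out rule
    {
      chain = proto = dport = target = states = src = ""
      for (i = 1; i <= NF; i++) {
        if ($i == "-A") chain = $(i+1)
        else if ($i == "-p" || $i == "--protocol") proto = tolower($(i+1))
        else if ($i == "--dport") dport = $(i+1)
        else if ($i == "-j") target = $(i+1)
        else if ($i == "--state" || $i == "--ctstate") states = $(i+1)
        else if ($i == "-s") src = $(i+1)
      }
      if (chain != "INPUT" || target != "ACCEPT" || dport == "") next
      if (states != "" && ("," states ",") !~ /,NEW,/) next   # ESTABLISHED/RELATED only
      if (src != "" && src != "0.0.0.0/0") next                # limited to one source range
      print proto "/" dport
    }'
}

# usage: unexpected_ports tcp/443 [proto/port ...] < script
# Prints every open proto/port that is not on the allowlist given as arguments.
unexpected_ports() {
  allow=" $* "
  open_ports | while read -r p; do
    case "$allow" in
      *" $p "*) ;;
      *) printf '%s\n' "$p" ;;
    esac
  done
}

echo "INPUT policy: $(sample_rules | input_policy)"
echo "Open beyond tcp/443:"
sample_rules | unexpected_ports tcp/443
```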
