www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices
 
block K5 listening UDP PUBLIC port using iptables - how?

 
tls



Joined: 09 Jul 2011
Posts: 17

Posted: Sat Apr 13, 2013 5:43 am    Post subject: block K5 listening UDP PUBLIC port using iptables - how?

I have been trying to block the input or output of K5 using iptables to shield my PUBLIC IP, for security reasons. I have tried all manner of rules for the UDP, but I can't get the config right. I was able to block the TCP port with ease.

I know there is no way to alter the binding, at least I was not able to find it.

Any help doing this would be great.

Rule for IP (this works):

-A INPUT -i ETH00 -p tcp -m tcp --dport 749 -j DROP


Rules I have tried for UDP:

-A INPUT -i ETH00 -p udp -m state --state UNTRACKED -m udp --sport 88 -j DROP
-A INPUT -i ETH00 -p udp -m udp --sport 88 -j DROP
-A INPUT -i ETH00 -p udp -m state --state UNTRACKED -m udp --dport 88 -j DROP
-A INPUT -i ETH00 -p udp -m udp --dport 88 -j DROP
-A INPUT -i ETH00 -p udp -m state --state NEW -m udp --dport 88 -j DROP
-A INPUT -p udp -m state --state ESTABLISHED -m udp --dport 88 -j DROP
-A INPUT -i ETH00 -p udp -m state --state RELATED -m udp --dport 88 -j DROP
-A INPUT -i ETH00 -p udp -m state --state INVALID -m udp --dport 88 -j DROP
-A INPUT -i ETH00 -p udp -m state --state INVALID,NEW,RELATED,ESTABLISHED,UNTRACKED -m udp --dport 88 -j DROP
-A INPUT -i ETH00 -p udp -m state --state INVALID,NEW,RELATED,ESTABLISHED,UNTRACKED -m udp --sport 88 -j DROP

I am testing with this nmap command:
nmap -p 88 -sU -P0 xxx.yyy.zzz.aaa

Thanks,
tls
hvgsit



Joined: 16 Feb 2009
Posts: 5
Location: Australia

Posted: Tue Jan 26, 2016 6:19 am

Just found your post and had the same issue.

What worked for me were the following firewall rules, added in the web interface in the INPUT chain:

ppp0 * REJECT tcp opt -- in ppp0 out * 0.0.0.0/0 -> 0.0.0.0/0 tcp dpt:749 reject-with icmp-port-unreachable
ppp0 * REJECT udp opt -- in ppp0 out * 0.0.0.0/0 -> 0.0.0.0/0 udp dpt:88 reject-with icmp-port-unreachable

Confirmed working on the external IP with

nmap -p749 -sUT x.x.x.x

and

nmap -p88 -sUT x.x.x.x
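Added example (Python; not ZeroShell code and not either poster's configuration): a small first-match evaluator over iptables -S style INPUT rules, covering only the matches that appear in the two posts above (-i, -p, --sport, --dport, -m state --state, -j). It is here to show two things worth checking before concluding that a DROP rule "does not work": whether an earlier rule in the chain already ACCEPTs the packet (the kernel stops at the first match, so a rule appended with -A behind an ACCEPT never fires), and what an nmap -sU scan prints for each verdict, since a probe that is silently DROPped is reported as open|filtered rather than closed, while the REJECT ... icmp-port-unreachable rules in the reply show up as closed. The chain contents other than the quoted rules, the ACCEPT placements, and the probe's source port are constructed for the example.

```python
# Added example for this thread (not ZeroShell code, nor either poster's rules
# verbatim): a first-match evaluator for a handful of `iptables -S INPUT`
# style rules, plus the reading an `nmap -sU` scan would give each verdict.
import shlex
from dataclasses import dataclass
from typing import Optional, Set


@dataclass
class Rule:
    in_iface: Optional[str] = None      # -i
    proto: Optional[str] = None         # -p
    sport: Optional[int] = None         # --sport
    dport: Optional[int] = None         # --dport
    states: Optional[Set[str]] = None   # -m state --state A,B
    target: str = "ACCEPT"              # -j
    raw: str = ""


def parse_rule(line: str) -> Rule:
    """Parse one '-A INPUT ... -j TARGET' line (only the matches used in the thread)."""
    toks = shlex.split(line)
    rule = Rule(raw=line)
    i = 0
    while i < len(toks):
        t = toks[i]
        if t == "-A":                        # chain name follows; -I with a rule number is not handled
            i += 2
        elif t == "-i":
            rule.in_iface = toks[i + 1]; i += 2
        elif t == "-p":
            rule.proto = toks[i + 1]; i += 2
        elif t == "--sport":
            rule.sport = int(toks[i + 1]); i += 2
        elif t == "--dport":
            rule.dport = int(toks[i + 1]); i += 2
        elif t == "--state":
            rule.states = set(toks[i + 1].split(",")); i += 2
        elif t == "-j":
            rule.target = toks[i + 1]; i += 2
        elif t in ("-m", "--reject-with"):   # module name / ICMP type: no effect on matching here
            i += 2
        else:
            raise ValueError(f"unsupported token {t!r} in {line!r}")
    return rule


def matches(rule: Rule, pkt: dict) -> bool:
    """True if every match the rule specifies agrees with the packet."""
    return (
        (rule.in_iface is None or rule.in_iface == pkt["in"])
        and (rule.proto is None or rule.proto == pkt["proto"])
        and (rule.sport is None or rule.sport == pkt["sport"])
        and (rule.dport is None or rule.dport == pkt["dport"])
        and (rule.states is None or pkt["state"] in rule.states)
    )


def verdict(rule_lines, pkt, policy="ACCEPT"):
    """First matching rule decides, as in the kernel; otherwise the chain policy."""
    for rule in map(parse_rule, rule_lines):
        if matches(rule, pkt):
            return rule.target, rule.raw
    return policy, "(chain policy)"


def nmap_udp_reading(target: str) -> str:
    """What `nmap -sU` prints for a probe that meets this verdict.
    REJECT is assumed to use icmp-port-unreachable (iptables' default for UDP)."""
    if target == "DROP":
        return "open|filtered"      # no answer at all: nmap cannot tell dropped from silent
    if target == "REJECT":
        return "closed"             # ICMP port unreachable is what a closed port sends too
    return "open or open|filtered"  # reaches the daemon; depends on whether it answers the probe


# Constructed: the first datagram of `nmap -p 88 -sU` arriving on the public interface.
# conntrack classifies the first packet of a UDP flow as NEW.
PROBE = {"in": "ETH00", "proto": "udp", "sport": 40123, "dport": 88, "state": "NEW"}

# Constructed chain: an ACCEPT for the interface sits ahead of the appended DROP from
# the first post, so the DROP is never reached.
SHADOWED_CHAIN = [
    "-A INPUT -i ETH00 -j ACCEPT",
    "-A INPUT -i ETH00 -p udp -m udp --dport 88 -j DROP",
]

# The reply's two REJECT rules in -S syntax, placed before any ACCEPT (interface ppp0
# as in that post; the trailing ACCEPT is constructed).
FIXED_CHAIN = [
    "-A INPUT -i ppp0 -p tcp -m tcp --dport 749 -j REJECT --reject-with icmp-port-unreachable",
    "-A INPUT -i ppp0 -p udp -m udp --dport 88 -j REJECT --reject-with icmp-port-unreachable",
    "-A INPUT -i ppp0 -j ACCEPT",
]


def audit(rule_lines, pkt, policy="ACCEPT"):
    """Verdict for one packet plus the nmap reading that verdict produces."""
    target, by = verdict(rule_lines, pkt, policy)
    return {"verdict": target, "by": by, "nmap_sU": nmap_udp_reading(target)}


if __name__ == "__main__":
    print(audit(SHADOWED_CHAIN, PROBE))
    print(audit(FIXED_CHAIN, dict(PROBE, **{"in": "ppp0"})))
    # A --sport 88 rule only sees traffic *sent from* port 88 (e.g. answers from
    # another KDC); it never matches an inbound request to the local daemon.
    print(audit(["-A INPUT -i ETH00 -p udp -m udp --sport 88 -j DROP"], PROBE))
```

Run against the output of iptables -S INPUT on the box, the same evaluator tells you which rule actually decides the fate of a UDP/88 probe; if an ACCEPT wins, move the blocking rule in front of it (iptables -I rather than -A) or, as in the reply, let the web interface place it first. Of the rules listed in the first post, the --dport 88 ones without a state match or with --state NEW do match the first probe packet; the --sport 88 and --state ESTABLISHED variants cannot.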