Niemand een idee ?
Heb me hier de laatste dagen al door een berg info gesleept over iptables en firestarter maar telkenmale bij de shields up test : 23 en 80 open.
In de configuratie van de aethra router is weinig te verandren vrees ik, een aantal gebruikers beweren dat die is aangepast door Belgacom voor digitale tv (ik gebruik die ook daarvoor)
Het moet toch mogelijk zijn om via iptables die poorten te sluiten. Ik krijg ook een hele boterham bij het volgende :
guy@PC3:~$ sudo iptables -L
Password:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- atos038555 anywhere tcp flags:!FIN,SYN,RST,ACK/SYN
ACCEPT udp -- atos038555 anywhere
ACCEPT 0 -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5
ACCEPT icmp -- anywhere anywhere icmp echo-reply limit: avg 1/sec burst 5
LSI udp -- anywhere anywhere udp dpt:33434
LSI icmp -- anywhere anywhere
DROP 0 -- anywhere 255.255.255.255
DROP 0 -- anywhere 192.168.1.255
DROP 0 -- BASE-ADDRESS.MCAST.NET/8 anywhere
DROP 0 -- anywhere BASE-ADDRESS.MCAST.NET/8
DROP 0 -- 255.255.255.255 anywhere
DROP 0 -- anywhere 0.0.0.0
DROP 0 -- anywhere anywhere state INVALID
LSI 0 -f anywhere anywhere limit: avg 10/min burst 5
INBOUND 0 -- anywhere anywhere
LOG_FILTER 0 -- anywhere anywhere
LOG 0 -- anywhere anywhere LOG level info prefix `Unknown Input'
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5
ACCEPT icmp -- anywhere anywhere icmp echo-reply limit: avg 1/sec burst 5
LSI udp -- anywhere anywhere udp dpt:33434
LSI icmp -- anywhere anywhere
LOG_FILTER 0 -- anywhere anywhere
LOG 0 -- anywhere anywhere LOG level info prefix `Unknown Forward'
Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- pc3 atos038555 tcp dpt:domain
ACCEPT udp -- pc3 atos038555 udp dpt:domain
ACCEPT 0 -- anywhere anywhere
DROP 0 -- BASE-ADDRESS.MCAST.NET/8 anywhere
DROP 0 -- anywhere BASE-ADDRESS.MCAST.NET/8
DROP 0 -- 255.255.255.255 anywhere
DROP 0 -- anywhere 0.0.0.0
DROP 0 -- anywhere anywhere state INVALID
OUTBOUND 0 -- anywhere anywhere
LOG_FILTER 0 -- anywhere anywhere
LOG 0 -- anywhere anywhere LOG level info prefix `Unknown Output'
Chain INBOUND (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
LSI 0 -- anywhere anywhere
Chain LOG_FILTER (5 references)
target prot opt source destination
Chain LSI (6 references)
target prot opt source destination
LOG_FILTER 0 -- anywhere anywhere
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/SYN
LOG tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP tcp -- anywhere anywhere tcp flags:FIN,SYN,RST,ACK/RST
LOG icmp -- anywhere anywhere icmp echo-request limit: avg 1/sec burst 5 LOG level info prefix `Inbound '
DROP icmp -- anywhere anywhere icmp echo-request
LOG 0 -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix `Inbound '
DROP 0 -- anywhere anywhere
Chain LSO (2 references)
target prot opt source destination
LOG_FILTER 0 -- anywhere anywhere
LOG 0 -- anywhere anywhere limit: avg 5/sec burst 5 LOG level info prefix `Outbound '
REJECT 0 -- anywhere anywhere reject-with icmp-port-unreachable
Chain OUTBOUND (1 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere
ACCEPT tcp -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere state RELATED,ESTABLISHED
LSO tcp -- anywhere anywhere tcp dpt:telnet
LSO udp -- anywhere anywhere udp dpt:23
ACCEPT 0 -- anywhere anywhere