Ubuntu & IPtables

#1 Fri, 08/19/2016 - 17:31
eddieb

On a fresh install of Ubuntu 16.04, I have this set in iptables:

http://i.imgur.com/IEdmKKw.png

but the port scanner at Mxtoolbox shows this:

http://i.imgur.com/BOUplDY.png

I've already applied the config, rebooted, and reverted the config (it shows the same as the screenshot above), but 25 and 587 remain open (I can even telnet into an SMTP session on 587).

What am I missing here?

Wed, 08/24/2016 - 12:15
eddieb

Bueller?... Bueller?... Bueller?

Operating system Ubuntu Linux 16.04.1

Webmin version 1.810

Virtualmin version 5.04

Fri, 08/26/2016 - 15:33
scotwnw

You have the default set to 'accept' for incoming connections. Essentially the FW is NOT on at ALL. Below your rules, change "set default action" to drop for the incoming section. Forward and outgoing sections can be left as accept.

To be safe, I like to put a DROP ALL rule at the bottom of the rule list. Just create a new rule, click on drop, and leave all else blank. That will make a rule that drops all traffic that has not met any rule above it.

Fri, 08/26/2016 - 19:43
eddieb

Duh! Thanks!

Sun, 08/28/2016 - 20:51
eddieb

You forgot to allow "if connection state is RELATED, ESTABLISHED". The server cannot resolve any DNS or send email unless this rule is in place (outgoing chain remains empty).
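
Added example (not from the thread or from Webmin/Virtualmin): a small Python first-match evaluator over constructed `iptables -S INPUT` output, showing why ports with no rule stay reachable under a default ACCEPT and why replies need the RELATED,ESTABLISHED rule once the default is DROP. The two rulesets and the helper names `parse`, `opt` and `verdict` are assumptions for illustration, and only `-p`, `-i`, `--dport` and state matches are modelled.

```python
import shlex

# Constructed `iptables -S INPUT` output (not the poster's actual rules).
BEFORE = """\
-P INPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
"""
AFTER = """\
-P INPUT DROP
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -j DROP
"""

def parse(text):
    """Return (default policy, list of rule token lists) for INPUT."""
    policy, rules = "ACCEPT", []
    for tok in map(shlex.split, text.splitlines()):
        if tok[:2] == ["-P", "INPUT"]:
            policy = tok[2]
        elif tok[:2] == ["-A", "INPUT"]:
            rules.append(tok[2:])
    return policy, rules

def opt(rule, *names):
    """Value following the first of `names` present in the rule, else None."""
    return next((rule[rule.index(n) + 1] for n in names if n in rule), None)

def verdict(text, port, state="NEW"):
    """First-match verdict for an inbound TCP packet from the network."""
    policy, rules = parse(text)
    for r in rules:
        states = opt(r, "--state", "--ctstate")
        lo, _, hi = (opt(r, "--dport") or "0:65535").partition(":")
        # Simplification: interface-bound rules (such as -i lo) are skipped.
        if (opt(r, "-p") in (None, "tcp") and opt(r, "-i") is None
                and (states is None or state in states.split(","))
                and int(lo) <= port <= int(hi or lo)
                and opt(r, "-j") in ("ACCEPT", "DROP", "REJECT")):
            return opt(r, "-j")
    return policy  # nothing matched: the chain's default action decides

if __name__ == "__main__":
    for name, rs in (("before", BEFORE), ("after", AFTER)):
        print(name, {p: verdict(rs, p) for p in (22, 25, 587)},
              "replies:", verdict(rs, 40000, "ESTABLISHED"))
```
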
