j'utilise la redirection de port du serveur pour certains services de mon réseau local mais depuis quelques jours ça ne semble plus fonctionner. j'ai essaye de supprimer les ports en question dans le server-manager puis de les recréer, sans succés. je vérifie l'accès de l'extérieur depuis un site de test de port.
si ça peut aider:
- Code: Tout sélectionner
# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
state_chk all -- anywhere anywhere
local_chk all -- anywhere anywhere
PPPconn all -- anywhere anywhere
denylog all -- BASE-ADDRESS.MCAST.NET/4 anywhere
denylog all -- anywhere BASE-ADDRESS.MCAST.NET/4
ACCEPT udp -- anywhere anywhere udp dpts:bootps:bootpc
InboundICMP icmp -- anywhere anywhere
denylog icmp -- anywhere anywhere
InboundTCP tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN
denylog tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN
InboundUDP udp -- anywhere anywhere
denylog udp -- anywhere anywhere
ACCEPT udp -- anywhere anywhere udp spts:bootps:bootpc
gre-in gre -- anywhere anywhere
denylog gre -- anywhere anywhere
denylog all -- anywhere anywhere
Chain FORWARD (policy DROP)
target prot opt source destination
state_chk all -- anywhere anywhere
local_chk all -- anywhere anywhere
ForwardedTCP tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN
ForwardedUDP udp -- anywhere anywhere
denylog all -- anywhere anywhere
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
PPPconn all -- anywhere anywhere
denylog all -- BASE-ADDRESS.MCAST.NET/4 anywhere
denylog all -- anywhere BASE-ADDRESS.MCAST.NET/4
ACCEPT all -- anywhere anywhere
Chain ForwardedTCP (1 references)
target prot opt source destination
ForwardedTCP_4927 all -- anywhere anywhere
denylog tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN
Chain ForwardedTCP_4927 (1 references)
target prot opt source destination
ACCEPT tcp -- anywhere pc-00002.xxxxxxxxxx.ath.cx tcp dpt:1404
ACCEPT tcp -- anywhere pc-00002.xxxxxxxxxx.ath.cx tcp dpt:1405
ACCEPT tcp -- anywhere pc-00003.xxxxxxxxxx.ath.cx tcp dpt:4567
ACCEPT tcp -- anywhere pc-00002.xxxxxxxxxx.ath.cx tcp dpt:4682
ACCEPT tcp -- anywhere pc-00002.xxxxxxxxxx.ath.cx tcp dpt:51413
ACCEPT tcp -- anywhere pc-00004.xxxxxxxxxx.ath.cx tcp dpt:52346
ACCEPT tcp -- anywhere pc-00002.xxxxxxxxxx.ath.cx tcp dpt:webcache
Chain ForwardedUDP (1 references)
target prot opt source destination
ForwardedUDP_4927 all -- anywhere anywhere
denylog udp -- anywhere anywhere
Chain ForwardedUDP_4927 (1 references)
target prot opt source destination
ACCEPT udp -- anywhere pc-00003.xxxxxxxxxx.ath.cx udp dpt:1234
ACCEPT udp -- anywhere pc-00012.xxxxxxxxxx.ath.cx udp dpt:31336
ACCEPT udp -- anywhere pc-00002.xxxxxxxxxx.ath.cx udp dpt:31700
ACCEPT udp -- anywhere pc-00002.xxxxxxxxxx.ath.cx udp dpt:4685
ACCEPT udp -- anywhere pc-00002.xxxxxxxxxx.ath.cx udp dpt:4692
ACCEPT udp -- anywhere pc-00003.xxxxxxxxxx.ath.cx udp dpt:5060
ACCEPT udp -- anywhere pc-00002.xxxxxxxxxx.ath.cx udp dpt:51413
ACCEPT udp -- anywhere pc-00003.xxxxxxxxxx.ath.cx udp dpt:8000
Chain InboundICMP (1 references)
target prot opt source destination
InboundICMP_4927 all -- anywhere anywhere
denylog icmp -- anywhere anywhere
Chain InboundICMP_4927 (1 references)
target prot opt source destination
ACCEPT icmp -- anywhere anywhere icmp echo-request
ACCEPT icmp -- anywhere anywhere icmp echo-reply
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable
ACCEPT icmp -- anywhere anywhere icmp source-quench
ACCEPT icmp -- anywhere anywhere icmp time-exceeded
ACCEPT icmp -- anywhere anywhere icmp parameter-problem
denylog all -- anywhere anywhere
Chain InboundTCP (1 references)
target prot opt source destination
InboundTCP_4927 all -- anywhere anywhere
denylog tcp -- anywhere anywhere tcp flags:SYN,RST,ACK/SYN
Chain InboundTCP_4927 (1 references)
target prot opt source destination
denylog all -- anywhere !xxxxxxxxxx.fbx.proxad.net
REJECT tcp -- anywhere xxxxxxxxxx.fbx.proxad.net tcp dpt:auth reject-with tcp-reset
ACCEPT tcp -- anywhere xxxxxxxxxx.fbx.proxad.net tcp dpt:http
ACCEPT tcp -- anywhere xxxxxxxxxx.fbx.proxad.net tcp dpt:https
ACCEPT tcp -- anywhere xxxxxxxxxx.fbx.proxad.net tcp dpt:pop3s
ACCEPT tcp -- anywhere xxxxxxxxxx.fbx.proxad.net tcp dpt:smtp
ACCEPT tcp -- anywhere xxxxxxxxxx.fbx.proxad.net tcp dpt:smtps
Chain InboundUDP (1 references)
target prot opt source destination
InboundUDP_4927 all -- anywhere anywhere
denylog udp -- anywhere anywhere
Chain InboundUDP_4927 (1 references)
target prot opt source destination
denylog all -- anywhere !xxxxxxxxxx.fbx.proxad.net
Chain PPPconn (2 references)
target prot opt source destination
PPPconn_1 all -- anywhere anywhere
Chain PPPconn_1 (1 references)
target prot opt source destination
Chain denylog (20 references)
target prot opt source destination
DROP udp -- anywhere anywhere udp dpt:router
DROP udp -- anywhere anywhere udp dpts:netbios-ns:netbios-ssn
DROP tcp -- anywhere anywhere tcp dpts:netbios-ns:netbios-ssn
ULOG all -- anywhere anywhere ULOG copy_range 0 nlgroup 1 prefix `denylog:' queue_threshold 1
DROP all -- anywhere anywhere
Chain gre-in (1 references)
target prot opt source destination
denylog all -- anywhere !xxxxxxxxxx.fbx.proxad.net
denylog all -- anywhere anywhere
Chain local_chk (2 references)
target prot opt source destination
local_chk_4927 all -- anywhere anywhere
Chain local_chk_4927 (1 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- 192.168.10.0/24 anywhere
Chain state_chk (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
