Configserver doesent block IP adres

C

ClubNZB

New member
Joined
Nov 8, 2024
Messages
1
I manual add an IP adress info configserver.
deny failed: XXX.XXX.XXX.XXX is in already in the deny file /etc/csf/csf.deny 1 times
OK so fas so good but this IP is ttill accessing the server and doesent block by ConfigServer Firewall.

Do I miss A setting?
csf v14.22

Config:
iptables filter table
=====================
Chain INPUT (policy DROP 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 10M 20G LOCALINPUT 0 -- !lo * 0.0.0.0/0 0.0.0.0/0
2 1302K 272M ACCEPT 0 -- lo * 0.0.0.0/0 0.0.0.0/0
3 9800K 20G INVALID 6 -- !lo * 0.0.0.0/0 0.0.0.0/0
4 605 35668 ACCEPT 1 -- !lo * 0.0.0.0/0 0.0.0.0/0 icmptype 8 limit: avg 1/sec burst 5
5 85 5780 LOGDROPIN 1 -- !lo * 0.0.0.0/0 0.0.0.0/0 icmptype 8
6 24 2444 ACCEPT 1 -- !lo * 0.0.0.0/0 0.0.0.0/0
7 10M 20G ACCEPT 0 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
8 107 4576 ACCEPT 6 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpts:35000:35999
9 6 272 ACCEPT 6 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:20
10 60 3320 ACCEPT 6 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:21
11 3377 200K ACCEPT 6 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:22
12 268 14020 ACCEPT 6 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:25
13 38 2096 ACCEPT 6 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:53
14 1 44 ACCEPT 6 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:853
15 10587 624K ACCEPT 6 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:80
16 41 2208 ACCEPT 6 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:110
17 54 2976 ACCEPT 6 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:143
18 176K 11M ACCEPT 6 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:443
19 53 3072 ACCEPT 6 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:465
20 52 2928 ACCEPT 6 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:587
21 129 7080 ACCEPT 6 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:993
22 94 5116 ACCEPT 6 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:995
23 227 12308 ACCEPT 6 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:2222
24 5 220 ACCEPT 6 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:119
25 0 0 ACCEPT 17 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW udp dpt:20
26 0 0 ACCEPT 17 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW udp dpt:21
27 79 6998 ACCEPT 17 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW udp dpt:53
28 0 0 ACCEPT 17 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW udp dpt:853
29 1 28 ACCEPT 17 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW udp dpt:80
30 6 4270 ACCEPT 17 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW udp dpt:443
31 0 0 ACCEPT 17 -- !lo * 0.0.0.0/0 0.0.0.0/0 ctstate NEW udp dpt:119
32 26068 3808K LOGDROPIN 0 -- !lo * 0.0.0.0/0 0.0.0.0/0

Chain FORWARD (policy DROP 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 9823K 23G LOCALOUTPUT 0 -- * !lo 0.0.0.0/0 0.0.0.0/0
2 0 0 ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
3 576K 41M ACCEPT 17 -- * !lo 0.0.0.0/0 0.0.0.0/0 udp dpt:53
4 126 7971 ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 tcp spt:53
5 67 5727 ACCEPT 17 -- * !lo 0.0.0.0/0 0.0.0.0/0 udp spt:53
6 9927K 23G SMTPOUTPUT 0 -- * * 0.0.0.0/0 0.0.0.0/0
7 1302K 272M ACCEPT 0 -- * lo 0.0.0.0/0 0.0.0.0/0
8 8624K 22G INVALID 6 -- * !lo 0.0.0.0/0 0.0.0.0/0
9 612 37672 ACCEPT 1 -- * !lo 0.0.0.0/0 0.0.0.0/0
10 8461K 22G ACCEPT 0 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
11 0 0 ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:465
12 0 0 ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:143
13 0 0 ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:20
14 0 0 ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:21
15 0 0 ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:22
16 0 0 ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:25
17 0 0 ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:53
18 0 0 ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:853
19 1222 73320 ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:80
20 0 0 ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:110
21 0 0 ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:113
22 58108 3486K ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:443
23 0 0 ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:587
24 0 0 ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:993
25 0 0 ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:995
26 0 0 ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:2222
27 104K 6263K ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW tcp dpt:119
28 0 0 ACCEPT 17 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW udp dpt:11335
29 0 0 ACCEPT 17 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW udp dpt:443
30 0 0 ACCEPT 17 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW udp dpt:20
31 0 0 ACCEPT 17 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW udp dpt:21
32 0 0 ACCEPT 17 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW udp dpt:53
33 0 0 ACCEPT 17 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW udp dpt:853
34 0 0 ACCEPT 17 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW udp dpt:113
35 56 4256 ACCEPT 17 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW udp dpt:123
36 0 0 ACCEPT 17 -- * !lo 0.0.0.0/0 0.0.0.0/0 ctstate NEW udp dpt:119
37 0 0 LOGDROPOUT 0 -- * !lo 0.0.0.0/0 0.0.0.0/0

Chain ALLOWIN (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 match-set chain_ALLOW src

Chain ALLOWOUT (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT 17 -- * !lo 0.0.0.0/0 0.0.0.0/0 owner UID match 0
2 622K 48M ACCEPT 6 -- * !lo 0.0.0.0/0 0.0.0.0/0 owner UID match 0
3 0 0 ACCEPT 0 -- * * 0.0.0.0/0 0.0.0.0/0 match-set chain_ALLOW dst

Chain DENYIN (1 references)
num pkts bytes target prot opt in out source destination
1 18388 1116K DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 match-set chain_DENY src

Chain DENYOUT (1 references)
num pkts bytes target prot opt in out source destination
1 52 2704 LOGDROPOUT 0 -- * * 0.0.0.0/0 0.0.0.0/0 match-set chain_DENY dst

Chain INVALID (2 references)
num pkts bytes target prot opt in out source destination
1 468 88316 INVDROP 0 -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
2 0 0 INVDROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
3 0 0 INVDROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F
4 0 0 INVDROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
5 0 0 INVDROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
6 0 0 INVDROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x05/0x05
7 0 0 INVDROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x11/0x01
8 0 0 INVDROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x18/0x08
9 0 0 INVDROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x30/0x20
10 68 52555 INVDROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02 ctstate NEW

Chain INVDROP (10 references)
num pkts bytes target prot opt in out source destination
1 536 141K DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0

Chain LOCALINPUT (1 references)
num pkts bytes target prot opt in out source destination
1 10M 20G ALLOWIN 0 -- !lo * 0.0.0.0/0 0.0.0.0/0
2 10M 20G DENYIN 0 -- !lo * 0.0.0.0/0 0.0.0.0/0

Chain LOCALOUTPUT (1 references)
num pkts bytes target prot opt in out source destination
1 9823K 23G ALLOWOUT 0 -- * !lo 0.0.0.0/0 0.0.0.0/0
2 9201K 22G DENYOUT 0 -- * !lo 0.0.0.0/0 0.0.0.0/0

Chain LOGDROPIN (2 references)
num pkts bytes target prot opt in out source destination
1 1100 54928 DROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:23
2 1 51 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:23
3 3 132 DROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
4 3216 1206K DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:67
5 1 44 DROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:68
6 0 0 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:68
7 26 1460 DROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:111
8 6 408 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:111
9 3 160 DROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:113
10 0 0 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:113
11 29 1360 DROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:135:139
12 786 86838 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:135:139
13 81 4212 DROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:445
14 1 52 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:445
15 5 216 DROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:500
16 11 4096 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:500
17 1 52 DROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:513
18 0 0 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:513
19 2 80 DROP 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:520
20 3 156 DROP 17 -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:520
21 9542 438K LOG 6 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *TCP_IN Blocked* "
22 11140 1995K LOG 17 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *UDP_IN Blocked* "
23 82 5576 LOG 1 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *ICMP_IN Blocked* "
24 20878 2454K DROP 0 -- * * 0.0.0.0/0 0.0.0.0/0

Chain LOGDROPOUT (3 references)
num pkts bytes target prot opt in out source destination
1 0 0 LOG 6 -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x17/0x02 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *TCP_OUT Blocked* "
2 0 0 LOG 17 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *UDP_OUT Blocked* "
3 0 0 LOG 1 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *ICMP_OUT Blocked* "
4 52 2704 REJECT 0 -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable

Chain SMTPOUTPUT (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT 6 -- * lo 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587
2 55 3300 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587 owner GID match 8
3 0 0 ACCEPT 6 -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587 owner UID match 0
4 0 0 LOGDROPOUT 6 -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465,587


iptables mangle table
=====================
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination


iptables raw table
==================
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination


iptables nat table
==================
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination


ip6tables:

ip6tables filter table
======================
Chain INPUT (policy DROP 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 0 0 LOCALINPUT 0 -- !lo * ::/0 ::/0
2 14M 14G ACCEPT 0 -- lo * ::/0 ::/0
3 0 0 INVALID 6 -- !lo * ::/0 ::/0
4 0 0 ACCEPT 58 -- !lo * ::/0 ::/0
5 0 0 ACCEPT 0 -- !lo * ::/0 ::/0 ctstate RELATED,ESTABLISHED
6 0 0 ACCEPT 6 -- !lo * ::/0 ::/0 ctstate NEW tcp dpts:35000:35999
7 0 0 ACCEPT 6 -- !lo * ::/0 ::/0 ctstate NEW tcp dpt:20
8 0 0 ACCEPT 6 -- !lo * ::/0 ::/0 ctstate NEW tcp dpt:21
9 0 0 ACCEPT 6 -- !lo * ::/0 ::/0 ctstate NEW tcp dpt:22
10 0 0 ACCEPT 6 -- !lo * ::/0 ::/0 ctstate NEW tcp dpt:25
11 0 0 ACCEPT 6 -- !lo * ::/0 ::/0 ctstate NEW tcp dpt:53
12 0 0 ACCEPT 6 -- !lo * ::/0 ::/0 ctstate NEW tcp dpt:853
13 0 0 ACCEPT 6 -- !lo * ::/0 ::/0 ctstate NEW tcp dpt:80
14 0 0 ACCEPT 6 -- !lo * ::/0 ::/0 ctstate NEW tcp dpt:110
15 0 0 ACCEPT 6 -- !lo * ::/0 ::/0 ctstate NEW tcp dpt:143
16 0 0 ACCEPT 6 -- !lo * ::/0 ::/0 ctstate NEW tcp dpt:443
17 0 0 ACCEPT 6 -- !lo * ::/0 ::/0 ctstate NEW tcp dpt:465
18 0 0 ACCEPT 6 -- !lo * ::/0 ::/0 ctstate NEW tcp dpt:587
19 0 0 ACCEPT 6 -- !lo * ::/0 ::/0 ctstate NEW tcp dpt:993
20 0 0 ACCEPT 6 -- !lo * ::/0 ::/0 ctstate NEW tcp dpt:995
21 0 0 ACCEPT 6 -- !lo * ::/0 ::/0 ctstate NEW tcp dpt:2222
22 0 0 ACCEPT 17 -- !lo * ::/0 ::/0 ctstate NEW udp dpt:20
23 0 0 ACCEPT 17 -- !lo * ::/0 ::/0 ctstate NEW udp dpt:21
24 0 0 ACCEPT 17 -- !lo * ::/0 ::/0 ctstate NEW udp dpt:53
25 0 0 ACCEPT 17 -- !lo * ::/0 ::/0 ctstate NEW udp dpt:853
26 0 0 ACCEPT 17 -- !lo * ::/0 ::/0 ctstate NEW udp dpt:80
27 0 0 ACCEPT 17 -- !lo * ::/0 ::/0 ctstate NEW udp dpt:443
28 0 0 LOGDROPIN 0 -- !lo * ::/0 ::/0

Chain FORWARD (policy DROP 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
1 29 1624 LOCALOUTPUT 0 -- * !lo ::/0 ::/0
2 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 tcp dpt:53
3 0 0 ACCEPT 17 -- * !lo ::/0 ::/0 udp dpt:53
4 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 tcp spt:53
5 0 0 ACCEPT 17 -- * !lo ::/0 ::/0 udp spt:53
6 14M 14G SMTPOUTPUT 0 -- * * ::/0 ::/0
7 14M 14G ACCEPT 0 -- * lo ::/0 ::/0
8 0 0 INVALID 6 -- * !lo ::/0 ::/0
9 29 1624 ACCEPT 58 -- * !lo ::/0 ::/0
10 0 0 ACCEPT 0 -- * !lo ::/0 ::/0 ctstate RELATED,ESTABLISHED
11 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 ctstate NEW tcp dpt:465
12 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 ctstate NEW tcp dpt:143
13 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 ctstate NEW tcp dpt:20
14 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 ctstate NEW tcp dpt:21
15 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 ctstate NEW tcp dpt:22
16 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 ctstate NEW tcp dpt:25
17 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 ctstate NEW tcp dpt:53
18 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 ctstate NEW tcp dpt:853
19 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 ctstate NEW tcp dpt:80
20 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 ctstate NEW tcp dpt:110
21 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 ctstate NEW tcp dpt:113
22 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 ctstate NEW tcp dpt:443
23 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 ctstate NEW tcp dpt:587
24 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 ctstate NEW tcp dpt:993
25 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 ctstate NEW tcp dpt:995
26 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 ctstate NEW tcp dpt:2222
27 0 0 ACCEPT 17 -- * !lo ::/0 ::/0 ctstate NEW udp dpt:11335
28 0 0 ACCEPT 17 -- * !lo ::/0 ::/0 ctstate NEW udp dpt:443
29 0 0 ACCEPT 17 -- * !lo ::/0 ::/0 ctstate NEW udp dpt:20
30 0 0 ACCEPT 17 -- * !lo ::/0 ::/0 ctstate NEW udp dpt:21
31 0 0 ACCEPT 17 -- * !lo ::/0 ::/0 ctstate NEW udp dpt:53
32 0 0 ACCEPT 17 -- * !lo ::/0 ::/0 ctstate NEW udp dpt:853
33 0 0 ACCEPT 17 -- * !lo ::/0 ::/0 ctstate NEW udp dpt:113
34 0 0 ACCEPT 17 -- * !lo ::/0 ::/0 ctstate NEW udp dpt:123
35 0 0 LOGDROPOUT 0 -- * !lo ::/0 ::/0

Chain ALLOWIN (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT 0 -- * * ::/0 ::/0 match-set chain_6_ALLOW src

Chain ALLOWOUT (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT 17 -- * !lo ::/0 ::/0 owner UID match 0
2 0 0 ACCEPT 6 -- * !lo ::/0 ::/0 owner UID match 0
3 0 0 ACCEPT 0 -- * * ::/0 ::/0 match-set chain_6_ALLOW dst

Chain DENYIN (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 DROP 0 -- * * ::/0 ::/0 match-set chain_6_DENY src

Chain DENYOUT (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 LOGDROPOUT 0 -- * * ::/0 ::/0 match-set chain_6_DENY dst

Chain INVALID (2 references)
num pkts bytes target prot opt in out source destination
1 0 0 INVDROP 0 -- * * ::/0 ::/0 ctstate INVALID
2 0 0 INVDROP 6 -- * * ::/0 ::/0 tcp flags:0x3F/0x00
3 0 0 INVDROP 6 -- * * ::/0 ::/0 tcp flags:0x3F/0x3F
4 0 0 INVDROP 6 -- * * ::/0 ::/0 tcp flags:0x03/0x03
5 0 0 INVDROP 6 -- * * ::/0 ::/0 tcp flags:0x06/0x06
6 0 0 INVDROP 6 -- * * ::/0 ::/0 tcp flags:0x05/0x05
7 0 0 INVDROP 6 -- * * ::/0 ::/0 tcp flags:0x11/0x01
8 0 0 INVDROP 6 -- * * ::/0 ::/0 tcp flags:0x18/0x08
9 0 0 INVDROP 6 -- * * ::/0 ::/0 tcp flags:0x30/0x20
10 0 0 INVDROP 6 -- * * ::/0 ::/0 tcp flags:!0x17/0x02 ctstate NEW

Chain INVDROP (10 references)
num pkts bytes target prot opt in out source destination
1 0 0 DROP 0 -- * * ::/0 ::/0

Chain LOCALINPUT (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 ALLOWIN 0 -- !lo * ::/0 ::/0
2 0 0 DENYIN 0 -- !lo * ::/0 ::/0

Chain LOCALOUTPUT (1 references)
num pkts bytes target prot opt in out source destination
1 29 1624 ALLOWOUT 0 -- * !lo ::/0 ::/0
2 29 1624 DENYOUT 0 -- * !lo ::/0 ::/0

Chain LOGDROPIN (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 DROP 6 -- * * ::/0 ::/0 tcp dpt:23
2 0 0 DROP 17 -- * * ::/0 ::/0 udp dpt:23
3 0 0 DROP 6 -- * * ::/0 ::/0 tcp dpt:67
4 0 0 DROP 17 -- * * ::/0 ::/0 udp dpt:67
5 0 0 DROP 6 -- * * ::/0 ::/0 tcp dpt:68
6 0 0 DROP 17 -- * * ::/0 ::/0 udp dpt:68
7 0 0 DROP 6 -- * * ::/0 ::/0 tcp dpt:111
8 0 0 DROP 17 -- * * ::/0 ::/0 udp dpt:111
9 0 0 DROP 6 -- * * ::/0 ::/0 tcp dpt:113
10 0 0 DROP 17 -- * * ::/0 ::/0 udp dpt:113
11 0 0 DROP 6 -- * * ::/0 ::/0 tcp dpts:135:139
12 0 0 DROP 17 -- * * ::/0 ::/0 udp dpts:135:139
13 0 0 DROP 6 -- * * ::/0 ::/0 tcp dpt:445
14 0 0 DROP 17 -- * * ::/0 ::/0 udp dpt:445
15 0 0 DROP 6 -- * * ::/0 ::/0 tcp dpt:500
16 0 0 DROP 17 -- * * ::/0 ::/0 udp dpt:500
17 0 0 DROP 6 -- * * ::/0 ::/0 tcp dpt:513
18 0 0 DROP 17 -- * * ::/0 ::/0 udp dpt:513
19 0 0 DROP 6 -- * * ::/0 ::/0 tcp dpt:520
20 0 0 DROP 17 -- * * ::/0 ::/0 udp dpt:520
21 0 0 LOG 6 -- * * ::/0 ::/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *TCP6IN Blocked* "
22 0 0 LOG 17 -- * * ::/0 ::/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *UDP6IN Blocked* "
23 0 0 LOG 58 -- * * ::/0 ::/0 limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *ICMP6IN Blocked* "
24 0 0 DROP 0 -- * * ::/0 ::/0

Chain LOGDROPOUT (3 references)
num pkts bytes target prot opt in out source destination
1 0 0 LOG 6 -- * * ::/0 ::/0 tcp flags:0x17/0x02 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *TCP6OUT Blocked* "
2 0 0 LOG 17 -- * * ::/0 ::/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *UDP6OUT Blocked* "
3 0 0 LOG 58 -- * * ::/0 ::/0 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *ICMP6OUT Blocked* "
4 0 0 REJECT 0 -- * * ::/0 ::/0 reject-with icmp6-port-unreachable

Chain SMTPOUTPUT (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT 6 -- * lo ::/0 ::/0 multiport dports 25,465,587
2 0 0 ACCEPT 6 -- * * ::/0 ::/0 multiport dports 25,465,587 owner GID match 8
3 0 0 ACCEPT 6 -- * * ::/0 ::/0 multiport dports 25,465,587 owner UID match 0
4 0 0 LOGDROPOUT 6 -- * * ::/0 ::/0 multiport dports 25,465,587


ip6tables mangle table
======================
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination


ip6tables raw table
===================
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination


ip6tables nat table
===================
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
num pkts bytes target prot opt in out source destination
 
ClubNZB said:
OK so fas so good but this IP is ttill accessing the server and doesent block by ConfigServer Firewall.
Click to expand...
Don't post complete pages. Post only the line from which you think the ip is not blocked.

And you don't need to mask abusing ip's either.
 
You must log in or register to reply here.
Back
Top