IPTables Intermittent Stopping
Craig White
craig at tobyhouse.com
Mon Jan 7 10:59:41 MST 2008
On Mon, 2008-01-07 at 10:46 -0700, Jay wrote:
> On Mon, 7 Jan 2008, Craig White wrote:
>
> > gee...you're the security expert
>
>
> Perhaps, but that does not make me an expert on the funkiness of every
> piece of security-related software. :)
>
>
> > Do you have something like denyhosts (I vaguely recall something else
> > like it that starts with a 'p') that periodically scans logs for login
> > failures via ssh and adds rules to iptables which would require a
> > stop/start of iptables rules?
>
>
> Nah, nothing dynamic at all. Even if it were, this is not a host or even
> port level issue... When it is not working, notice nmap shows all other
> ports as **closed** (meaning no filtering is happening, meaning iptables
> is not even intercepting packets at all), versus when it is working, all
> other ports show **filtered** (meaning iptables is grabbing the packets
> and doing its thing).
----
OK, it was silly of me to think that I might be of some help but just in
case, you might want to swap hub/switch and if you have to hop through a
router, try eliminating them from the equation. Other than that, I am
done because you clearly know more about this stuff than I will ever
know.
Craig
More information about the PLUG-discuss
mailing list