Posted April 7, 2014

It appears I can't connect to the Linux VPS server via SSH, I can't SCP any file to it, and I can't wget any file TO it (from inside it) while CSF (Config Server Firewall, LFD) is running. This is just after install, in the default configuration, and after changing TESTING mode to LIVE mode.

Trying to wget & install something => stuck

Code:

    [root@pvbvfxby ~]# wget http://www.inetbase.com/scripts/ddos/install.sh;chmod 0700 install.sh;
    --2014-04-07 08:25:26-- http://www.inetbase.com/scripts/ddos/install.sh
    Resolving www.inetbase.com... 184.173.190.146
    Connecting to www.inetbase.com|184.173.190.146|:80...

Trying to SCP something into the VPS:

Code:

    amnesia@amnesia:~$ scp install.sh root@vpsipthere:/root
    ERROR: Got error response from SOCKS server: 6 (TTL expired).
    FATAL: failed to begin relaying via SOCKS.
    ssh_exchange_identification: Connection closed by remote host
    lost connection

Nothing in the deny file/s

Code:

    [root@pvbvfxby log]# cat /etc/*deny*

My computer's IP is not in iptables:

Code:

    [root@pvbvfxby log]# iptables -L
    Chain INPUT (policy DROP)
    target      prot opt source                          destination
    ACCEPT      tcp  --  google-public-dns-b.google.com  anywhere     tcp dpt:domain
    ACCEPT      udp  --  google-public-dns-b.google.com  anywhere     udp dpt:domain
    ACCEPT      tcp  --  google-public-dns-b.google.com  anywhere     tcp spt:domain
    ACCEPT      udp  --  google-public-dns-b.google.com  anywhere     udp spt:domain
    ACCEPT      tcp  --  google-public-dns-a.google.com  anywhere     tcp dpt:domain
    ACCEPT      udp  --  google-public-dns-a.google.com  anywhere     udp dpt:domain
    ACCEPT      tcp  --  google-public-dns-a.google.com  anywhere     tcp spt:domain
    ACCEPT      udp  --  google-public-dns-a.google.com  anywhere     udp spt:domain
    LOCALINPUT  all  --  anywhere                        anywhere
    ACCEPT      all  --  anywhere                        anywhere
    INVALID     tcp  --  anywhere                        anywhere
    ACCEPT      all  --  anywhere                        anywhere     state RELATED,ESTABLISHED
    ACCEPT      tcp  --  anywhere                        anywhere     state NEW tcp dpt:ftp-data
    ACCEPT      tcp  --  anywhere                        anywhere     state NEW tcp dpt:ftp
    ACCEPT      tcp  --  anywhere                        anywhere     state NEW tcp dpt:ssh
    ACCEPT      tcp  --  anywhere                        anywhere     state NEW tcp dpt:smtp
    ACCEPT      tcp  --  anywhere                        anywhere     state NEW tcp dpt:domain
    ACCEPT      tcp  --  anywhere                        anywhere     state NEW tcp dpt:http
    ACCEPT      tcp  --  anywhere                        anywhere     state NEW tcp dpt:pop3
    ACCEPT      tcp  --  anywhere                        anywhere     state NEW tcp dpt:imap
    ACCEPT      tcp  --  anywhere                        anywhere     state NEW tcp dpt:https
    ACCEPT      tcp  --  anywhere                        anywhere     state NEW tcp dpt:smtps
    ACCEPT      tcp  --  anywhere                        anywhere     state NEW tcp dpt:submission
    ACCEPT      tcp  --  anywhere                        anywhere     state NEW tcp dpt:imaps
    ACCEPT      tcp  --  anywhere                        anywhere     state NEW tcp dpt:pop3s
    ACCEPT      udp  --  anywhere                        anywhere     state NEW udp dpt:ftp-data
    ACCEPT      udp  --  anywhere                        anywhere     state NEW udp dpt:ftp
    ACCEPT      udp  --  anywhere                        anywhere     state NEW udp dpt:domain
    ACCEPT      icmp --  anywhere                        anywhere     icmp echo-request limit: avg 1/sec burst 5
    ACCEPT      icmp --  anywhere                        anywhere     icmp echo-reply limit: avg 1/sec burst 5
    ACCEPT      icmp --  anywhere                        anywhere     icmp time-exceeded
    ACCEPT      icmp --  anywhere                        anywhere     icmp destination-unreachable
    LOGDROPIN   all  --  anywhere                        anywhere

    Chain FORWARD (policy DROP)
    target      prot opt source                          destination

    Chain OUTPUT (policy DROP)
    target      prot opt source    destination
    ACCEPT      tcp  --  anywhere  google-public-dns-b.google.com  tcp dpt:domain
    ACCEPT      udp  --  anywhere  google-public-dns-b.google.com  udp dpt:domain
    ACCEPT      tcp  --  anywhere  google-public-dns-b.google.com  tcp spt:domain
    ACCEPT      udp  --  anywhere  google-public-dns-b.google.com  udp spt:domain
    ACCEPT      tcp  --  anywhere  google-public-dns-a.google.com  tcp dpt:domain
    ACCEPT      udp  --  anywhere  google-public-dns-a.google.com  udp dpt:domain
    ACCEPT      tcp  --  anywhere  google-public-dns-a.google.com  tcp spt:domain
    ACCEPT      udp  --  anywhere  google-public-dns-a.google.com  udp spt:domain
    LOCALOUTPUT all  --  anywhere  anywhere
    ACCEPT      tcp  --  anywhere  anywhere                        tcp dpt:domain
    ACCEPT      udp  --  anywhere  anywhere                        udp dpt:domain
    ACCEPT      tcp  --  anywhere  anywhere                        tcp spt:domain
    ACCEPT      udp  --  anywhere  anywhere                        udp spt:domain
    ACCEPT      all  --  anywhere  anywhere
    INVALID     tcp  --  anywhere  anywhere
    ACCEPT      all  --  anywhere  anywhere                        state RELATED,ESTABLISHED
    ACCEPT      tcp  --  anywhere  anywhere                        state NEW tcp dpt:ftp-data
    ACCEPT      tcp  --  anywhere  anywhere                        state NEW tcp dpt:ftp
    ACCEPT      tcp  --  anywhere  anywhere                        state NEW tcp dpt:ssh
    ACCEPT      tcp  --  anywhere  anywhere                        state NEW tcp dpt:smtp
    ACCEPT      tcp  --  anywhere  anywhere                        state NEW tcp dpt:domain
    ACCEPT      tcp  --  anywhere  anywhere                        state NEW tcp dpt:http
    ACCEPT      tcp  --  anywhere  anywhere                        state NEW tcp dpt:pop3
    ACCEPT      tcp  --  anywhere  anywhere                        state NEW tcp dpt:auth
    ACCEPT      tcp  --  anywhere  anywhere                        state NEW tcp dpt:https
    ACCEPT      udp  --  anywhere  anywhere                        state NEW udp dpt:ftp-data
    ACCEPT      udp  --  anywhere  anywhere                        state NEW udp dpt:ftp
    ACCEPT      udp  --  anywhere  anywhere                        state NEW udp dpt:domain
    ACCEPT      udp  --  anywhere  anywhere                        state NEW udp dpt:auth
    ACCEPT      udp  --  anywhere  anywhere                        state NEW udp dpt:ntp
    ACCEPT      icmp --  anywhere  anywhere                        icmp echo-reply
    ACCEPT      icmp --  anywhere  anywhere                        icmp echo-request
    ACCEPT      icmp --  anywhere  anywhere                        icmp time-exceeded
    ACCEPT      icmp --  anywhere  anywhere                        icmp destination-unreachable
    LOGDROPOUT  all  --  anywhere  anywhere

    Chain ALLOWIN (1 references)
    target      prot opt source    destination

    Chain ALLOWOUT (1 references)
    target      prot opt source    destination

    Chain DENYIN (1 references)
    target      prot opt source    destination

    Chain DENYOUT (1 references)
    target      prot opt source    destination

    Chain INVALID (2 references)
    target      prot opt source    destination
    INVDROP     all  --  anywhere  anywhere  state INVALID
    INVDROP     tcp  --  anywhere  anywhere  tcp flags:FIN,SYN,RST,PSH,ACK,URG/NONE
    INVDROP     tcp  --  anywhere  anywhere  tcp flags:FIN,SYN,RST,PSH,ACK,URG/FIN,SYN,RST,PSH,ACK,URG
    INVDROP     tcp  --  anywhere  anywhere  tcp flags:FIN,SYN/FIN,SYN
    INVDROP     tcp  --  anywhere  anywhere  tcp flags:SYN,RST/SYN,RST
    INVDROP     tcp  --  anywhere  anywhere  tcp flags:FIN,RST/FIN,RST
    INVDROP     tcp  --  anywhere  anywhere  tcp flags:FIN,ACK/FIN
    INVDROP     tcp  --  anywhere  anywhere  tcp flags:PSH,ACK/PSH
    INVDROP     tcp  --  anywhere  anywhere  tcp flags:ACK,URG/URG
    INVDROP     tcp  --  anywhere  anywhere  tcp flags:!FIN,SYN,RST,ACK/SYN state NEW

    Chain INVDROP (10 references)
    target      prot opt source    destination
    DROP        all  --  anywhere  anywhere

    Chain LOCALINPUT (1 references)
    target      prot opt source    destination
    ALLOWIN     all  --  anywhere  anywhere
    DENYIN      all  --  anywhere  anywhere

    Chain LOCALOUTPUT (1 references)
    target      prot opt source    destination
    ALLOWOUT    all  --  anywhere  anywhere
    DENYOUT     all  --  anywhere  anywhere

    Chain LOGDROPIN (1 references)
    target      prot opt source    destination
    DROP        tcp  --  anywhere  anywhere  tcp dpt:bootps
    DROP        udp  --  anywhere  anywhere  udp dpt:bootps
    DROP        tcp  --  anywhere  anywhere  tcp dpt:bootpc
    DROP        udp  --  anywhere  anywhere  udp dpt:bootpc
    DROP        tcp  --  anywhere  anywhere  tcp dpt:sunrpc
    DROP        udp  --  anywhere  anywhere  udp dpt:sunrpc
    DROP        tcp  --  anywhere  anywhere  tcp dpt:auth
    DROP        udp  --  anywhere  anywhere  udp dpt:auth
    DROP        tcp  --  anywhere  anywhere  tcp dpts:epmap:netbios-ssn
    DROP        udp  --  anywhere  anywhere  udp dpts:epmap:netbios-ssn
    DROP        tcp  --  anywhere  anywhere  tcp dpt:microsoft-ds
    DROP        udp  --  anywhere  anywhere  udp dpt:microsoft-ds
    DROP        tcp  --  anywhere  anywhere  tcp dpt:isakmp
    DROP        udp  --  anywhere  anywhere  udp dpt:isakmp
    DROP        tcp  --  anywhere  anywhere  tcp dpt:login
    DROP        udp  --  anywhere  anywhere  udp dpt:who
    DROP        tcp  --  anywhere  anywhere  tcp dpt:efs
    DROP        udp  --  anywhere  anywhere  udp dpt:router
    LOG         tcp  --  anywhere  anywhere  limit: avg 30/min burst 5 LOG level warning prefix `Firewall: *TCP_IN Blocked* '
    LOG         udp  --  anywhere  anywhere  limit: avg 30/min burst 5 LOG level warning prefix `Firewall: *UDP_IN Blocked* '
    LOG         icmp --  anywhere  anywhere  limit: avg 30/min burst 5 LOG level warning prefix `Firewall: *ICMP_IN Blocked* '
    DROP        all  --  anywhere  anywhere

    Chain LOGDROPOUT (1 references)
    target      prot opt source    destination
    LOG         tcp  --  anywhere  anywhere  tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 30/min burst 5 LOG level warning uid prefix `Firewall: *TCP_OUT Blocked* '
    LOG         udp  --  anywhere  anywhere  limit: avg 30/min burst 5 LOG level warning uid prefix `Firewall: *UDP_OUT Blocked* '
    LOG         icmp --  anywhere  anywhere  limit: avg 30/min burst 5 LOG level warning uid prefix `Firewall: *ICMP_OUT Blocked* '
    DROP        all  --  anywhere  anywhere

When I do: service csf stop, connections start working; when I start it, it fails to connect, wget..
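The LOGDROPIN and LOGDROPOUT chains in the listing above write every dropped packet to the kernel log with the prefixes `Firewall: *TCP_IN Blocked*`, `Firewall: *TCP_OUT Blocked*` and so on. As an added example that is not part of the original post, the Python below tallies such lines by direction, protocol and destination port to show what the firewall is actually dropping. The sample lines are constructed, and the field layout is assumed to be the standard netfilter LOG format.

```python
import re
from collections import Counter

# Constructed sample lines (documentation addresses, hypothetical host "vps").
SAMPLE_LOG = """\
Apr  7 08:25:27 vps kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4321 DF PROTO=TCP SPT=40112 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0
Apr  7 08:25:30 vps kernel: Firewall: *TCP_OUT Blocked* IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4322 DF PROTO=TCP SPT=40112 DPT=80 WINDOW=14600 RES=0x00 SYN URGP=0 UID=0 GID=0
Apr  7 08:26:02 vps kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=999 DF PROTO=TCP SPT=51514 DPT=22 WINDOW=29200 RES=0x00 SYN URGP=0
Apr  7 08:26:05 vps sshd[1201]: Server listening on 0.0.0.0 port 22.
Apr  7 08:26:09 vps kernel: Firewall: *ICMP_IN Blocked* IN=eth0 OUT= SRC=203.0.113.5 DST=192.0.2.10 LEN=84 TOS=0x00 PREC=0x00 TTL=52 ID=0 DF PROTO=ICMP TYPE=8 CODE=0 ID=77 SEQ=1
"""

# Prefix exactly as it appears in the LOG rules of the iptables listing.
PREFIX = re.compile(r"Firewall: \*(TCP|UDP|ICMP)_(IN|OUT) Blocked\*\s*(.*)")
FIELD = re.compile(r"(\w+)=(\S*)")  # KEY=value pairs; value may be empty (e.g. "IN=")


def parse_blocked(line):
    """Return a dict for a CSF drop log line, or None for unrelated lines."""
    m = PREFIX.search(line)
    if not m:
        return None
    proto, direction, rest = m.groups()
    fields = dict(FIELD.findall(rest))
    dpt = fields.get("DPT")  # absent for ICMP
    return {
        "direction": direction,
        "proto": proto,
        "src": fields.get("SRC"),
        "dst": fields.get("DST"),
        "dpt": int(dpt) if dpt else None,
        "syn": "SYN" in rest.split(),  # TCP flags are bare tokens
    }


def summarize(text):
    """Count dropped packets per (direction, protocol, destination port)."""
    counts = Counter()
    for line in text.splitlines():
        rec = parse_blocked(line)
        if rec:
            counts[(rec["direction"], rec["proto"], rec["dpt"])] += 1
    return counts


if __name__ == "__main__":
    for (direction, proto, dpt), n in summarize(SAMPLE_LOG).most_common():
        print(f"{n:3d}  {direction:3s} {proto:4s} dpt={dpt}")
```

On a real host the same functions can be fed the contents of the kernel log file instead of `SAMPLE_LOG`; a drop logged for a port that the ACCEPT rules appear to allow is the entry worth investigating first.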