See reason why iptables is blocking someone
drmikedrmike Member
edited October 2011 in General

I was kind of joking about how much blocking iptables was doing but I noticed that my messages file was over 5 megs in size so I'm sitting here with a tail on my /var/log/messages file and it's nothing but "iptables denied" messages.

With lots of:

Oct 15 21:45:26 vps vmunix: [161283.176386] iptables denied: IN=eth0 OUT= MAC=blah SRC= DST=blah LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=5556 PROTO=TCP SPT=1606 DPT=6914 WINDOW=16384 RES=0x00 SYN URGP=0

Is there any way to tell why a connection is being blocked? Googling for keywords doesn't pull up anything right off.

Using Debian 6 on Xen for reference.
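A way to answer the question from the log itself, added here as an example and not code from this thread: parse the key=value fields of each "iptables denied" line, count denied packets per protocol and destination port, and flag any port the rules file intends to ACCEPT (the 7500 and 6890:6999 rules quoted later in the thread). Denied traffic on an "intended open" port means the loaded ruleset differs from the file. The sample log lines are constructed in the same format as the one quoted above; SRC/DST addresses are placeholders.

```python
import re
from collections import Counter

# Constructed sample lines in the thread's log format (addresses are documentation ranges).
SAMPLE_LOG = """\
Oct 15 21:45:26 vps vmunix: [161283.176386] iptables denied: IN=eth0 OUT= MAC=blah SRC=192.0.2.10 DST=198.51.100.5 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=5556 PROTO=TCP SPT=1606 DPT=6914 WINDOW=16384 RES=0x00 SYN URGP=0
Oct 15 21:45:27 vps vmunix: [161284.000001] iptables denied: IN=eth0 OUT= MAC=blah SRC=192.0.2.11 DST=198.51.100.5 LEN=48 TOS=0x00 PREC=0x00 TTL=121 ID=5557 PROTO=TCP SPT=1607 DPT=6914 WINDOW=16384 RES=0x00 SYN URGP=0
Oct 15 21:45:28 vps vmunix: [161285.000001] iptables denied: IN=eth0 OUT= MAC=blah SRC=192.0.2.12 DST=198.51.100.5 LEN=40 TOS=0x00 PREC=0x00 TTL=50 ID=1 PROTO=TCP SPT=40000 DPT=22 WINDOW=1024 RES=0x00 SYN URGP=0
Oct 15 21:45:29 vps vmunix: [161286.000001] iptables denied: IN=eth0 OUT= MAC=blah SRC=192.0.2.13 DST=198.51.100.5 LEN=60 TOS=0x00 PREC=0x00 TTL=60 ID=2 PROTO=UDP SPT=5000 DPT=7500 LEN=40
"""

# Ports the rules file is meant to ACCEPT, as (proto, low, high), mirroring the thread's two rules.
INTENDED_OPEN = [("TCP", 7500, 7500), ("TCP", 6890, 6999)]

FIELD_RE = re.compile(r"(\w+)=(\S*)")  # key=value tokens; flags like SYN have no '=' and are skipped


def parse_line(line):
    """Return the key=value fields of one 'iptables denied' line, or None if it is not one."""
    if "iptables denied:" not in line:
        return None
    fields = dict(FIELD_RE.findall(line.split("iptables denied:", 1)[1]))
    for k in ("SPT", "DPT"):  # only present for TCP/UDP; make them ints when there
        if k in fields:
            fields[k] = int(fields[k])
    return fields


def intended_open(proto, port):
    """True if the rules file says this proto/port should be accepted."""
    return any(proto == p and lo <= port <= hi for p, lo, hi in INTENDED_OPEN)


def summarize(log_text):
    """Count denied packets per (PROTO, DPT); separately count hits on ports that should be open."""
    hits, flagged = Counter(), Counter()
    for line in log_text.splitlines():
        f = parse_line(line)
        if not f or "DPT" not in f:
            continue
        key = (f["PROTO"], f["DPT"])
        hits[key] += 1
        if intended_open(*key):
            flagged[key] += 1
    return hits, flagged


if __name__ == "__main__":
    hits, flagged = summarize(SAMPLE_LOG)
    for (proto, port), n in hits.most_common():
        note = "  <- rules file says ACCEPT; loaded ruleset differs?" if (proto, port) in flagged else ""
        print(f"{proto} dport {port}: {n} denied{note}")
```

Note that the UDP hit on 7500 is not flagged: the rule only opens TCP, which is the kind of mismatch `iptables -L -n` versus the rules file will confirm.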



  • miTgiBmiTgiB Member
    edited October 2011

    drmike said: SPT=1606 DPT=6914

    Are these ports open or closed in your rules?

  • drmikedrmike Member
    edited October 2011

    They should be closed but I'm getting a response on one of them. Gone to look....

    edit: Got it. Never mind. :whistle:

  • Well?

  • drmikedrmike Member
    edited October 2011

    For whatever reason, the changes I made to /etc/iptables.up.rules when I reinstalled rtorrent on the last reinstall didn't take.

    When I looked up the ports to see what program or script used that port, it was clear what the issue was.

    edit: Did a reboot just to make sure. Sitting here with a tail on messages again to see what shows up.

  • Hmmm, no good. This is correct for iptables, right?

    # Allow mud port 7500
    -A INPUT -p tcp --dport 7500 -j ACCEPT
    # Allow bittorrent
    -A INPUT -p tcp --dport 6890:6999 -j ACCEPT
  • Looks right to me but make sure that rtorrent is configured to use those ports as well.

