iptables denies internal access to port 17500

2

In the kernel log there are hundreds of these lines. The source is the VPS's external IP (not localhost or 127.0.0.1), other times an IP from the VPS provider's network. The source port and the destination port are always 17500. I searched a bit, but it doesn't seem to be a well-known port. It is not used by SSH, FTP, the mail server or anything else on my side.

EDIT: Dropbox is not installed on the server (which runs Ubuntu Server 12.04)

Jan  2 01:17:17 kernel: [8861587.504866] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:25:09:e7:9b:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=210 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=190 
Jan  2 01:17:40 kernel: [8861610.825311] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:05:90:ad:c2:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=151 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=131 
Jan  2 01:17:47 kernel: [8861617.544797] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:25:09:e7:9b:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=210 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=190 
Jan  2 01:18:10 kernel: [8861640.864049] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:05:90:ad:c2:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=151 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=131 
Jan  2 01:18:17 kernel: [8861647.584077] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:25:09:e7:9b:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=210 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=190 
Jan  2 01:18:40 kernel: [8861670.903856] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:05:90:ad:c2:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=151 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=131 
Jan  2 01:18:47 kernel: [8861677.623413] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:25:09:e7:9b:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=210 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=190 
Jan  2 01:19:10 kernel: [8861700.944182] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:05:90:ad:c2:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=151 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=131 
Jan  2 01:19:17 kernel: [8861707.662837] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:25:09:e7:9b:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=210 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=190 
Jan  2 01:19:40 kernel: [8861730.984200] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:05:90:ad:c2:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=151 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=131 
Jan  2 01:19:47 kernel: [8861737.702796] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:25:09:e7:9b:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=210 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=190 
Jan  2 01:20:10 kernel: [8861761.023621] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:05:90:ad:c2:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=151 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=131 
Jan  2 01:20:17 kernel: [8861767.742645] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:25:09:e7:9b:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=210 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=190 
Jan  2 01:20:40 kernel: [8861791.064367] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:05:90:ad:c2:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=151 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=131 
Jan  2 01:20:47 kernel: [8861797.782511] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:25:09:e7:9b:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=210 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=190 
Jan  2 01:21:10 kernel: [8861821.103867] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:05:90:ad:c2:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=151 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=131 
Jan  2 01:21:17 kernel: [8861827.822161] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:25:09:e7:9b:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=210 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=190 
Jan  2 01:21:40 kernel: [8861851.144209] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:05:90:ad:c2:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=151 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=131 
Jan  2 01:21:47 kernel: [8861857.862165] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:25:09:e7:9b:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=210 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=190 
Jan  2 01:22:10 kernel: [8861881.181915] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:05:90:ad:c2:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=151 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=131 
Jan  2 01:22:17 kernel: [8861887.901566] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:25:09:e7:9b:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=210 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=190 
Jan  2 01:22:41 kernel: [8861911.215488] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:05:90:ad:c2:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=151 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=131 
Jan  2 01:22:47 kernel: [8861917.941271] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:25:09:e7:9b:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=210 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=190 
Jan  2 01:23:11 kernel: [8861941.252756] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:05:90:ad:c2:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=151 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=131 
Jan  2 01:23:17 kernel: [8861947.981005] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:25:09:e7:9b:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=210 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=190 
Jan  2 01:23:41 kernel: [8861971.292991] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:05:90:ad:c2:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=151 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=131 
Jan  2 01:23:47 kernel: [8861978.021033] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:25:09:e7:9b:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=210 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=190 
Jan  2 01:24:11 kernel: [8862001.333676] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:05:90:ad:c2:08:00 SRC=xx.xx.xx.xx DST=255.255.255.255 LEN=151 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=131 

Here is my iptables configuration:

################## FILTER ##################
*filter

#  Allows all loopback (lo0) traffic and drop all traffic to 127/8 that doesn't use lo0
-A INPUT -i lo -j ACCEPT
-A INPUT ! -i lo -d 127.0.0.0/8 -j REJECT

#  Accepts all established inbound connections
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

#  Allows all outbound traffic
#  You can modify this to only allow certain traffic
-A OUTPUT -j ACCEPT

# Allows HTTP and HTTPS connections from anywhere (the normal ports for websites)
-A INPUT -p tcp --dport 80 -j ACCEPT
-A INPUT -p tcp --dport 443 -j ACCEPT

#  Allows SSH and Webmin connections
-A INPUT -p tcp -m state --state NEW --dport 50000 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 1212 -j ACCEPT

# Allows FTP access
-A OUTPUT -p tcp -m tcp --sport 20 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -j ACCEPT

# Disallow ping
-A INPUT -p icmp -m icmp --icmp-type 8 -j DROP

# log iptables denied calls
-A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables denied: " --log-level 7

# Reject all other inbound - default deny unless explicitly allowed policy
-A INPUT -j REJECT
-A FORWARD -j REJECT

COMMIT


################## NAT ##################
*nat

:PREROUTING ACCEPT [59412:4936393]
:INPUT ACCEPT [41513:2484958]
:OUTPUT ACCEPT [16417:1072327]
:POSTROUTING ACCEPT [16417:1072327]

COMMIT


################## MANGLE ##################
*mangle

:PREROUTING ACCEPT [1574957:131349929]
:INPUT ACCEPT [1572501:131156748]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [1669706:6747756890]
:POSTROUTING ACCEPT [1669706:6747756890]

COMMIT
    
by MultiformeIngegno 02.01.2013 / 01:37

1 answer

2

Port 17500 is used by Dropbox LAN Sync. If you have 2 computers on the same network with Dropbox installed, enabling it would allow very fast transfers.

LAN Sync uses broadcast to discover peers, so if someone on your LAN has Dropbox installed with it enabled, you will see these entries in the log.

To never see these entries again, add this line to your filters:

# Ignore Dropbox LAN Sync broadcasts
-A INPUT -p udp -m udp --dport 17500 -j DROP

You should never see these entries again.

    
by 22.08.2014 / 16:15
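A triage sketch for the log discussed above, added here as an example and not part of the question or the answer: it parses the `iptables denied:` lines, separates UDP 17500 broadcasts from other denied packets, and counts the broadcasts per sender MAC. The sample lines are constructed (placeholder IP addresses, one invented TCP line); the function names are hypothetical.

```python
import re
from collections import Counter

PREFIX = "iptables denied: "   # --log-prefix from the question's ruleset
LAN_SYNC_PORT = "17500"        # Dropbox LAN Sync discovery port, per the answer

# Constructed sample modelled on the question's log; IPs are placeholders.
SAMPLE_LOG = """\
Jan  2 01:17:17 kernel: [8861587.504866] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:25:09:e7:9b:08:00 SRC=192.0.2.21 DST=255.255.255.255 LEN=210 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=190
Jan  2 01:17:40 kernel: [8861610.825311] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:05:90:ad:c2:08:00 SRC=192.0.2.22 DST=255.255.255.255 LEN=151 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=131
Jan  2 01:17:47 kernel: [8861617.544797] iptables denied: IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:10:00:25:09:e7:9b:08:00 SRC=192.0.2.21 DST=255.255.255.255 LEN=210 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=17500 DPT=17500 LEN=190
Jan  2 01:17:52 kernel: [8861622.100000] iptables denied: IN=eth0 OUT= MAC=00:16:3e:aa:bb:cc:00:16:3e:11:22:33:08:00 SRC=198.51.100.7 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4242 DF PROTO=TCP SPT=40000 DPT=23 WINDOW=29200 RES=0x00 SYN URGP=0
"""

def parse_line(line):
    """Return the KEY=VALUE fields of one LOG line, or None if the prefix is absent."""
    _, found, rest = line.partition(PREFIX)
    if not found:
        return None
    fields = {}
    for key, value in re.findall(r"(\w+)=(\S*)", rest):
        fields.setdefault(key, value)  # LEN appears twice; keep the IP-level one
    return fields

def source_mac(fields):
    """MAC= holds dst MAC (6 octets), src MAC (6 octets), EtherType (2 octets)."""
    octets = fields.get("MAC", "").split(":")
    return ":".join(octets[6:12]) if len(octets) == 14 else None

def is_lan_sync_broadcast(fields):
    return (fields.get("PROTO") == "UDP"
            and fields.get("DPT") == LAN_SYNC_PORT
            and fields.get("DST") == "255.255.255.255")

def triage(log_text):
    """Count LAN Sync broadcasts per sender MAC; collect every other denied packet."""
    senders, other = Counter(), []
    for line in log_text.splitlines():
        fields = parse_line(line)
        if fields is None:
            continue
        if is_lan_sync_broadcast(fields):
            senders[source_mac(fields)] += 1
        else:
            other.append(fields)
    return senders, other

if __name__ == "__main__":
    senders, other = triage(SAMPLE_LOG)
    for mac, count in senders.most_common():
        print(f"LAN Sync broadcast from {mac}: {count} packet(s)")
    print(f"{len(other)} other denied packet(s) left to review")
```

Because iptables evaluates rules in order, the DROP rule from the answer only silences these entries if it is placed above the LOG rule in the INPUT chain.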