Still get a problem with asl-firewall

Customer support forums for Atomic Protector (formerly Atomic Secured Linux). There is no such thing as a bad question here as long as it pertains to using Atomic Protector. Newbies feel free to get help getting started or asking questions that may be obvious. Regular users are asked to be gentle. :-)
Post Reply
DarkF@der
Forum Regular
Forum Regular
Posts: 313
Joined: Thu May 07, 2009 12:46 pm

Still get a problem with asl-firewall

Unread post by DarkF@der »

I have configured UDP to accept dhcp in the webconsole:

Inbound UDP Services

Code: Select all


FW_INBOUND_UDP_SERVICES: 53,67,68,123
Restarted asl-firewall but no luck still seeing these messages:

Code: Select all

server04 kernel: ASL_AR_DROP IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:1c:c4:13:12:38:08:00 SRC=0.0.0.0 DST=255.255.255.255 LEN=576 TOS=0x00 PREC=0x00 TTL=20 ID=2 PROTO=UDP SPT=68 DPT=67 LEN=556
I also tryed asl -s -f
But it's stil blocking.

grep UDP /etc/asl/config

Code: Select all

FW_INBOUND_UDP_SERVICES="53,67,68,123"
FW_OUTPUT_UDP_SERVICES="no"
iptables -L INPUT -n

Code: Select all

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ASL-ACTIVE-RESPONSE  all  --  31.16.167.36         0.0.0.0/0
ASL-ACTIVE-RESPONSE  all  --  190.123.46.52        0.0.0.0/0
ASL-ACTIVE-RESPONSE  all  --  82.40.41.200         0.0.0.0/0
ASL-ACTIVE-RESPONSE  all  --  60.173.11.104        0.0.0.0/0
ASL-ACTIVE-RESPONSE  all  --  88.3.6.220           0.0.0.0/0
ASL-ACTIVE-RESPONSE  all  --  120.43.6.47          0.0.0.0/0
ASL-ACTIVE-RESPONSE  all  --  186.242.227.160      0.0.0.0/0
ASL-ACTIVE-RESPONSE  all  --  54.246.137.243       0.0.0.0/0           /* 1411073570.8507345 */
ASL-ACTIVE-RESPONSE  all  --  90.195.159.64        0.0.0.0/0           /* 1411073458.8492313 */
ASL-ACTIVE-RESPONSE  all  --  108.61.230.200       0.0.0.0/0           /* 1411073265.8472456 */
ASL-ACTIVE-RESPONSE  all  --  2.126.132.215        0.0.0.0/0           /* 1411073249.8458950 */
ASL-ACTIVE-RESPONSE  all  --  86.16.56.123         0.0.0.0/0           /* 1411073189.8450578 */
ASL-ACTIVE-RESPONSE  all  --  217.146.1.38         0.0.0.0/0           /* 1411073091.8434951 */
ASL-ACTIVE-RESPONSE  all  --  46.32.254.163        0.0.0.0/0           /* 1411072471.8217531 */
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
ASL-ACTIVE-RESPONSE  all  --  54.246.137.243       0.0.0.0/0
ASL-ACTIVE-RESPONSE  all  --  2.126.132.215        0.0.0.0/0
ASL-ACTIVE-RESPONSE  all  --  208.66.193.102       0.0.0.0/0
ASL-ACTIVE-RESPONSE  all  --  50.87.144.145        0.0.0.0/0
ASL-ACTIVE-RESPONSE  all  --  87.195.107.73        0.0.0.0/0
ASL-ACTIVE-RESPONSE  all  --  209.133.111.211      0.0.0.0/0
ASL-ACTIVE-RESPONSE  all  --  81.169.191.4         0.0.0.0/0
ASL-WHITELIST  all  --  0.0.0.0/0            0.0.0.0/0
ASL-GEO-BLACKLIST  all  --  0.0.0.0/0            0.0.0.0/0
ASL-BLACKLIST  all  --  0.0.0.0/0            0.0.0.0/0
ASL-ACTIVE-RESPONSE  all  --  204.51.181.169       0.0.0.0/0           /* 1410251048.579830 */
ASL-ACTIVE-RESPONSE  all  --  204.51.219.57        0.0.0.0/0           /* 1410251048.579191 */
ASL-ACTIVE-RESPONSE  all  --  216.121.43.105       0.0.0.0/0           /* 1410251048.578550 */
ASL-ACTIVE-RESPONSE  all  --  61.174.51.214        0.0.0.0/0           /* 1410250973.577265 */
ASL-ACTIVE-RESPONSE  all  --  77.73.102.87         0.0.0.0/0           /* 1410250969.575417 */
ASL-ACTIVE-RESPONSE  all  --  209.141.57.41        0.0.0.0/0           /* 1410250955.573205 */
ASL-ACTIVE-RESPONSE  all  --  0.0.0.0              0.0.0.0/0           /* 1410250861.569403 */
ASL-ACTIVE-RESPONSE  all  --  213.251.182.11       0.0.0.0/0           /* 1410250732.568713 */
ASL-ACTIVE-RESPONSE  all  --  87.195.107.70        0.0.0.0/0           /* 1410250479.565609 */
ASL-ACTIVE-RESPONSE  all  --  108.161.186.122      0.0.0.0/0           /* 1410250172.564960 */
ASL-ACTIVE-RESPONSE  all  --  87.195.107.116       0.0.0.0/0           /* 1410249658.560382 */
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
DROP       all  --  0.0.0.0/0            0.0.0.0/0           state INVALID
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:30000 state NEW
ASL-TORTIXD-ACL  tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:30000 state NEW
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpt:9876 /* IN_acronic */
iptables -L ASL-Firewall-INPUT -n

Code: Select all

target     prot opt source               destination
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           icmp type 255
ACCEPT     esp  --  0.0.0.0/0            0.0.0.0/0
ACCEPT     ah   --  0.0.0.0/0            0.0.0.0/0
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:21
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:25
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:53
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:106
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:113
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:110
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:143
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:443
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:465
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:587
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:990
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:993
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:995
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:3306
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:5224
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:5432
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:6308
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8443
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8447
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:8880
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:9080
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:11443
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:11444
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:53
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:67
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:68
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0           state NEW udp dpt:123
LOG        all  --  0.0.0.0/0            0.0.0.0/0           limit: avg 1/sec burst 5 LOG flags 7 level 6 prefix `DROP_ASL_INPUT '
DROP       all  --  0.0.0.0/0            0.0.0.0/0
Top
prupert
Forum Regular
Forum Regular
Posts: 573
Joined: Tue Aug 01, 2006 2:45 pm
Location: Netherlands

Re: Still get a problem with asl-firewall

Unread post by prupert »

The log says 'ASL_AR_DROP' which suggests that the IP address is shunned.

I also noticed this tweet from atomicorp:
https://twitter.com/atomicorp/status/512615275859312640
"Added in code to not shun broadcast 0.0.0.0 or 255.255.255.255"

Hooray?
Lemonbit Internet Dedicated Server Management
Top
Post Reply

Return to “Atomic Protector (formerly ASL)”