System blocking all TCP connections

System is version 12.7.4-1712-2.sng7

Lately the customer is complaining that the GUI is unreachable. Come to find out that if we turn off iptables we can access the GUI just fine. Doing an iptables -L I get:

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain fail2ban-BadBots (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-FTP (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-SIP (2 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere
RETURN     all  --  anywhere             anywhere

Chain fail2ban-SSH (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-apache-auth (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

Chain fail2ban-recidive (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere

It looks to me that Chain fail2ban-BadBots is the culprit, though I could be wrong. Is the issue here at all?

Unless you mis-copied and pasted, you are not ACCEPTING your INPUT chain, and further REJECTING all NAT-bound traffic believing it is all ICMP traffic.

I did mess up on my copy and paste. I tried to delete the post but couldn’t. Stay tuned for a new post

Here is an iptables -L output

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere             state RELATED,ESTABLISHED
ACCEPT     udp  --  anywhere             anywhere             udp dpts:ndmp:dnp
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     tcp  --  anywhere             anywhere             multiport dports ssh,http,https,sip,sip-tls
ACCEPT     udp  --  anywhere             anywhere             multiport dports tftp,domain,sip,sip-tls
ACCEPT     udp  --  anywhere             anywhere             udp spts:bootps:bootpc dpts:bootps:bootpc
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
REJECT     all  --  anywhere             anywhere             reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

It shows that all TCP traffic is allowed, but TCP traffic to the GUI is not working. There is a possibility that the onboard firewall was enabled and then disabled.
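A note added to this thread (not from any of the posters): `iptables -L` without `-v` hides the in/out interface columns, so the `ACCEPT all -- anywhere anywhere` line in the output above is most likely an `-i lo` loopback rule rather than a blanket accept, and the only TCP ports that chain opens to the outside are ssh, http, https, sip and sip-tls; any other TCP port falls through to the final REJECT. `iptables -S INPUT` or `iptables-save` prints the exact rules with their interface matches, and `iptables -nvL INPUT --line-numbers` adds numeric ports and per-rule packet counters, which tells you directly which rule the GUI connections are hitting. The fail2ban-* chains shown contain only RETURN, so no address is currently banned; a ban shows up as a REJECT or DROP line with a specific source in one of those chains. The script below is an added example, not code from the thread, that walks an iptables-save dump the way the kernel evaluates a new connection. The dump is constructed to mirror the posted rules with numeric ports (ndmp:dnp is 10000:20000, bootps:bootpc is 67:68) and with the assumed `-i lo` on the third rule; the interface name `eth0` and the probed ports are made up.

```sh
#!/bin/sh
# Added example: walk a chain of an iptables-save dump and report which rule a
# NEW packet hits. The dump is CONSTRUCTED to mirror the rules in the post above;
# the "-i lo" on the third INPUT rule is an ASSUMPTION (iptables -L hides it).

RULES='*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p udp -m udp --dport 10000:20000 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -p tcp -m multiport --dports 22,80,443,5060,5061 -j ACCEPT
-A INPUT -p udp -m multiport --dports 69,53,5060,5061 -j ACCEPT
-A INPUT -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT'

# port_in_spec PORT SPEC: true if PORT lies inside SPEC, which may be a single
# port ("80"), a range ("67:68") or a multiport list ("22,80,443,5060:5061").
port_in_spec() {
  pis_port=$1; pis_rest=$2
  while [ -n "$pis_rest" ]; do
    case $pis_rest in
      *,*) pis_item=${pis_rest%%,*}; pis_rest=${pis_rest#*,} ;;
      *)   pis_item=$pis_rest;       pis_rest="" ;;
    esac
    case $pis_item in
      *:*) pis_lo=${pis_item%%:*}; pis_hi=${pis_item##*:} ;;
      *)   pis_lo=$pis_item;       pis_hi=$pis_item ;;
    esac
    [ "$pis_port" -ge "$pis_lo" ] && [ "$pis_port" -le "$pis_hi" ] && return 0
  done
  return 1
}

# verdict PROTO PORT IFACE [CHAIN]: print the target of the first terminal rule
# that a NEW packet (proto, dport, inbound interface) matches in CHAIN
# (default INPUT), or the chain policy if no rule matches.
verdict() {
  v_proto=$1; v_port=$2; v_iface=$3; v_chain=${4:-INPUT}
  v_policy=$(printf '%s\n' "$RULES" | awk -v c=":$v_chain" '$1==c {print $2}')
  while IFS= read -r v_line; do
    case $v_line in "-A $v_chain "*) ;; *) continue ;; esac
    set -- $v_line              # split the rule into tokens
    shift 2                     # drop "-A CHAIN"
    r_proto=""; r_iface=""; r_ports=""; r_state=""; r_target=""
    while [ $# -gt 0 ]; do
      case $1 in
        -p)               r_proto=$2;  shift ;;
        -i)               r_iface=$2;  shift ;;
        --dport|--dports) r_ports=$2;  shift ;;
        --state)          r_state=$2;  shift ;;
        -j)               r_target=$2; shift ;;
      esac
      shift
    done
    # a rule restricted to RELATED,ESTABLISHED never matches a NEW connection
    case $r_state in ""|*NEW*) ;; *) continue ;; esac
    [ -n "$r_iface" ] && [ "$r_iface" != "$v_iface" ] && continue
    [ -n "$r_proto" ] && [ "$r_proto" != "$v_proto" ] && continue
    if [ -n "$r_ports" ] && ! port_in_spec "$v_port" "$r_ports"; then continue; fi
    case $r_target in
      ACCEPT|DROP|REJECT) echo "$r_target"; return 0 ;;
    esac
    # any other target (user chain, LOG) is treated as non-terminal: keep walking
  done <<EOF
$RULES
EOF
  echo "$v_policy"
}

# Probe how an inbound GUI connection and a few controls would be treated.
for probe in "tcp 80 eth0" "tcp 443 eth0" "tcp 8080 eth0" "tcp 8080 lo" \
             "udp 5060 eth0" "udp 12000 eth0"; do
  set -- $probe
  printf '%-4s dport %-5s in on %-4s -> %s\n' "$1" "$2" "$3" "$(verdict "$1" "$2" "$3")"
done
```

The walk shows the point the thread circles around: on a non-loopback interface only the listed TCP ports reach ACCEPT, so a GUI served on any other port hits the final REJECT even though an unqualified `iptables -L` makes the chain look wide open. Run the same probes against your real `iptables-save` output by replacing the RULES string.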
