0

I got my iptables rules loaded in /etc/sysconfig/iptables.

# Generated by iptables-save v1.4.21 on Tue Sep 9 18:38:38 2014

*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [12:1312]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 10101 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 995 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 465 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP
-A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
COMMIT
# Completed on Tue Sep  9 18:38:38 2014

When I run Lynis to audit my server I get the following response.

 - Found possible unused iptables rules (3 4 5 6 7 8 9 10 11 12 13 14) [test:FIRE-4513]

It states found "possible" unused iptables rules. Is this due to a wrong order of my iptables rules?

Thanks in advance for any leads.

Kevin G
  • See http://stackoverflow.com/a/25229943/1472048 You'd better use firewall-cmd on CentOS 7 since it uses the firewalld service. – Metal3d Nov 30 '15 at 14:42

1 Answer

0

Check out the related iptables command and see what rules apply. Then check your netstat -an output and determine if those services are running and get traffic.

If you believe there is traffic and the results stay the same, contact the author of Lynis (lynis-dev@domain).

mboelen
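As an added illustration (not part of the question or the answer above), here are two small shell helpers for following the answer's advice of checking which rules actually apply. Lynis numbers the rules in the order the kernel evaluates them, so the first helper maps the reported numbers back to the lines of the saved ruleset; the second reads the per-rule packet counters from `iptables -L INPUT -v -n --line-numbers` and lists rules that have matched nothing, which is how I read the "possible unused" condition (that the test is counter-based is my assumption, not something the thread states). The `RULESET` is the INPUT chain from the question; the `LISTING` is constructed sample output with made-up counters, not taken from the server in the question.

```shell
#!/bin/sh
# Added example (not from the question or answer). Two helpers for making sense of a
# Lynis "possible unused iptables rules (N ...)" finding.

# Sample 1: the INPUT rules as posted in the question's /etc/sysconfig/iptables.
RULESET='*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [12:1312]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 10101 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 993 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 143 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 995 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 110 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 465 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 25 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG FIN,SYN,RST,PSH,ACK,URG -j DROP
-A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP
-A INPUT -p tcp -m tcp --tcp-flags FIN,SYN,RST,PSH,ACK,URG NONE -j DROP
COMMIT'

# Sample 2: constructed output of `iptables -L INPUT -v -n --line-numbers`, shortened to
# six rules with made-up counters. Column 1 is the rule number, column 2 the packet count.
LISTING='Chain INPUT (policy DROP 12 packets, 720 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1      840  63K ACCEPT     all  --  *      *       0.0.0.0/0            0.0.0.0/0            state RELATED,ESTABLISHED
2       11   660 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:10101
3        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:993
4        0     0 ACCEPT     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:80
5        0     0 ACCEPT     all  --  lo     *       0.0.0.0/0            0.0.0.0/0
6        0     0 DROP       tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x3F/0x3F'

# number_input_rules: read an iptables-save dump on stdin and print "N: <rule>" for every
# -A INPUT line. N is the position at which the kernel evaluates the rule (the first
# terminating match wins), which is the numbering Lynis reports.
number_input_rules() {
  awk '/^-A INPUT / { n++; printf "%d: %s\n", n, $0 }'
}

# unused_rules: read `iptables -L <chain> -v -n --line-numbers` output on stdin and print,
# space-separated, the numbers of rules whose packet counter is zero, i.e. rules that have
# matched nothing since the counters were last reset. The two header lines are skipped.
unused_rules() {
  awk 'NR > 2 && $2 == 0 { out = out (out ? " " : "") $1 } END { print out }'
}

# Usage on the two samples:
printf '%s\n' "$RULESET" | number_input_rules
printf '%s\n' "$LISTING" | unused_rules
```

On a live box the second helper is fed with `iptables -L INPUT -v -n --line-numbers | unused_rules`, and `iptables -S INPUT <N>` prints the rule behind a reported number. Counters restart at zero whenever the rules are reloaded, so a zero only says nothing has matched since then; `iptables -Z INPUT` followed by a re-check after a period of normal traffic gives a fairer picture than a reading taken shortly after boot. On ordering: in the posted ruleset the three `--tcp-flags` sanity DROPs (rules 12 to 14) sit below the per-port ACCEPTs, so a packet aimed at one of the listed ports is accepted by rule 3 to 10 before it ever reaches them; if those checks are meant to screen every incoming TCP packet, they belong above the ACCEPT lines, and in their current position a zero counter on them is expected rather than a sign of a Lynis error.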