Requests still being served despite iptables block for subnet
Solution 1:
With iptables, rules are processed in the order they appear in the chains. Your system has the Ubuntu ufw firewall management system set up, and it has installed a set of rules.
In your specific example, packets come to the system to the INPUT chain. In the chain, on line 41, packets start to traverse the ufw-before-logging-input chain. That chain contains several rules, until packets are passed to the ufw-user-input chain on line 73.
In ufw-user-input, there is the rule to accept packets coming to ports 80 and 443 on lines 111 and 110 respectively.
Now, since your added rules are at the end of the INPUT chain, it means that those rules are never reached, because packets are already accepted in the ufw-user-input chain.
In your case, I recommend that you look up the official way of adding DROP rules in ufw, instead of bypassing it with separate iptables commands.
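
The first-match traversal described in the answer above, as an added example that is not part of the original answer: a small Python model of chain evaluation showing why a DROP appended to INPUT is never reached for ports 80/443, while the same rule placed first is. The ruleset is constructed and simplified; it reuses only the chain names from the answer, and the subnet `203.0.113.0/24` and the function names are assumptions.

```python
import ipaddress

# Constructed, simplified ruleset using the chain names from the answer.
# Each rule is (source CIDR or None, destination port or None, target).
def build_chains(drop_first):
    drop = ("203.0.113.0/24", None, "DROP")  # constructed documentation subnet
    chains = {
        "INPUT": [(None, None, "ufw-before-logging-input"), (None, None, "ufw-user-input")],
        "ufw-before-logging-input": [],  # modelled as non-terminating (logging only)
        "ufw-user-input": [(None, 443, "ACCEPT"), (None, 80, "ACCEPT")],
    }
    if drop_first:
        chains["INPUT"].insert(0, drop)   # rule evaluated before any ufw chain
    else:
        chains["INPUT"].append(drop)      # rule appended after the ufw jumps
    return chains

def matches(rule, src, dport):
    cidr, port, _ = rule
    if cidr is not None and ipaddress.ip_address(src) not in ipaddress.ip_network(cidr):
        return False
    return port is None or port == dport

def traverse(chains, chain, src, dport, path):
    """Return ACCEPT/DROP on a terminating match, None if the chain is exhausted."""
    for index, rule in enumerate(chains[chain], start=1):
        if not matches(rule, src, dport):
            continue
        target = rule[2]
        path.append(f"{chain}#{index}->{target}")
        if target in ("ACCEPT", "DROP"):
            return target                 # terminating target: evaluation stops here
        result = traverse(chains, target, src, dport, path)  # jump into a user chain
        if result is not None:
            return result
        # no terminating match in the sub-chain: fall back to the calling chain
    return None

def verdict(chains, src, dport, policy="DROP"):
    path = []
    result = traverse(chains, "INPUT", src, dport, path)
    return (result or policy), path       # built-in chain exhausted: policy applies

if __name__ == "__main__":
    for drop_first in (False, True):
        print(drop_first, verdict(build_chains(drop_first), "203.0.113.7", 80))
```

With ufw itself, the ordering in the `drop_first` case corresponds to inserting the deny rule ahead of the allow rules, for example `ufw insert 1 deny from <subnet>`.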