Hola
@jsanchez
Las tablas IP deberías tenerlas como se muestran a continuación, esa es mi configuración y se ejecuta bien la prueba sobre esos puertos
root@debian3cx:~# iptables -L
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
DROP all -- anywhere anywhere ctstate INVALID
DROP all -- loopback/8 anywhere
ACCEPT all -- anywhere sip.mcast.net
DROP all -- anywhere anywhere ADDRTYPE match dst-type BROADCAST
DROP all -- anywhere anywhere ADDRTYPE match dst-type MULTICAST
DROP all -- anywhere anywhere ADDRTYPE match dst-type ANYCAST
DROP all -- anywhere base-address.mcast.net/4
ACCEPT tcp -- anywhere anywhere multiport dports http,https,5000,5001,5015,sip,sip-tls,5090 tcp flags:FIN,SYN,RST,ACK/SYN ctstate NEW
ACCEPT udp -- anywhere anywhere multiport dports tftp,sip,5090,afs3-fileserver:10999
ACCEPT udp -- anywhere anywhere multiport dports netbios-ns,netbios-dgm
ACCEPT tcp -- anywhere anywhere multiport dports netbios-ssn,microsoft-ds
SSHBRUTE tcp -- anywhere anywhere tcp dpt:ssh flags:FIN,SYN,RST,ACK/SYN ctstate NEW
ACCEPT icmp -- anywhere anywhere icmp echo-reply ctstate NEW
ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ctstate NEW
ACCEPT icmp -- anywhere anywhere icmp time-exceeded ctstate NEW
ICMPFLOOD icmp -- anywhere anywhere icmp echo-request ctstate NEW
DROP udp -- anywhere anywhere multiport dports loc-srv,microsoft-ds
DROP udp -- anywhere anywhere udp dpts:netbios-ns:netbios-ssn
DROP udp -- anywhere anywhere udp spt:netbios-ns dpts:1024:65535
DROP tcp -- anywhere anywhere multiport dports loc-srv,netbios-ssn,microsoft-ds
DROP udp -- anywhere anywhere udp dpt:1900
DROP udp -- anywhere anywhere udp spt:domain
REJECT tcp -- anywhere anywhere tcp dpt:auth flags:FIN,SYN,RST,ACK/SYN ctstate NEW reject-with tcp-reset
LOG all -- anywhere anywhere limit: avg 1/sec burst 100 LOG level warning prefix "iptables[DOS]: "
ACCEPT all -- anywhere sip.mcast.net
ACCEPT tcp -- anywhere anywhere multiport dports 5000,5001,sip,sip-tls,5090 tcp flags:FIN,SYN,RST,ACK/SYN ctstate NEW
ACCEPT udp -- anywhere anywhere multiport dports sip,5090
Chain FORWARD (policy DROP)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain ICMPFLOOD (1 references)
target prot opt source destination
all -- anywhere anywhere recent: SET name: ICMP side: source mask: 255.255.255.255
LOG all -- anywhere anywhere recent: UPDATE seconds: 1 hit_count: 6 TTL-Match name: ICMP side: source mask: 255.255.255.255 limit: avg 1/sec burst 1 LOG level warning prefix "iptables[ICMP-flood]: "
DROP all -- anywhere anywhere recent: UPDATE seconds: 1 hit_count: 6 TTL-Match name: ICMP side: source mask: 255.255.255.255
ACCEPT all -- anywhere anywhere
Chain SSHBRUTE (1 references)
target prot opt source destination
all -- anywhere anywhere recent: SET name: SSH side: source mask: 255.255.255.255
LOG all -- anywhere anywhere recent: UPDATE seconds: 300 hit_count: 10 name: SSH side: source mask: 255.255.255.255 limit: avg 1/sec burst 100 LOG level warning prefix "iptables[SSH-brute]: "
DROP all -- anywhere anywhere recent: UPDATE seconds: 300 hit_count: 10 name: SSH side: source mask: 255.255.255.255
ACCEPT all -- anywhere anywhere
root@debian3cx:~#