  • Convert iptables line to command-line syntax for CSF bash script 2019-03-21

    This is the question about command-line iptables syntax. I have the following chains in /etc/sysconfig/iptables # Generated by iptables-save v1.4.21 on Fri May 22 07:51:03 2015 *nat :PREROUTING ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] COMMIT but I need

    Tags: bash, iptables
  • Optimizing firewall rules processing 2015-01-07

    I'm using fail2ban to block failed login attempts on my server. The block is performed using IP tables with the following configuration: actionstart = iptables -N fail2ban iptables -A fail2ban -j RETURN iptables -I <chain> -p tcp -m multiport -

    Tags: performance, iptables, fail2ban
  • Deny access to all Internet hosts except several 2014-09-01

    I'm using Ubuntu 14.04, I want to restrict access to Internet to all programs and processes. I also want to allow several hosts after that. I was trying to do that with iptables, but I could figure out all its arguments and copypasted mostly. Can som

    Tags: linux, ubuntu, iptables
  • libnetfilter_queue recv() function 2014-07-10

    I have a simple emulator which receives queued packets from the kernel nfnetlink_queue subsystem. Handling of incoming packets can be done via a loop using recv() function: (for more info, see here. An example code is here: http://www.netfilter.org/p

    Tags: linux, network programming, iptables, netfilter
  • using iptables as a NAT 2014-06-28

    I want to monitor traffic of a computer connected to the same wifi network as my computer. I have somehow managed to make it send packets to me instead of router (confirmed by using wireshark). But when I use the following command the iptables t

    Tags: iptables, nat
  • OpenVPN + iptables: not forwarding traffic 2014-05-17

    I am trying to forward traffic through a vpn with openvpn on a vps. I already did this successfully on an OpenVZ virtualized server in the past, but I cannot replicate the working behaviour on a new installation on a different vps. I changed provider

    Tags: debian, vps, iptables, openvpn
  • iptables input, output rules 2014-03-19

    I need help with this iptables rules. I don't understand why is needed INPUT rule for port 8080 server with public ip iptables -P INPUT DROP iptables -P OUTPUT ACCEPT iptables -I INPUT 1 -p all -m state --state ESTABLISHED,RELATED -j

    Tags: ubuntu, firewall, iptables
  • iptables string match accept connection 2014-01-08

    I have a question with iptables and string matching. Most of what I have read drops packets that match a rule. When I use this, iptables will drop any connection with the string "test" iptables -A INPUT -p tcp --dport 80 -m string --string ! "test" -

    Tags: string, iptables, matching
  • iptables to drop input connections to postgres 2013-06-24

    For testing, I need to drop all input connections to postgres db running on port 5432 on localhost. I set an iptables rule : iptables -A INPUT -s -p tcp --dport 5432 -j DROP But I am able to do read/write operations to the db. I used dbvisu

    Tags: linux, postgresql, iptables
  • Block SOURCE port with iptables 2013-06-17

    I need to block a single UDP port, and then allow only a few IP's with specific port to access my UDP port; It works ok with allowing only IP without specifying source port, but it's not good enough, so I need to allow SINGLE IP with SINGLE PORT to m

    Tags: source, port, iptables
  • Is there any API for Linux iptables, so that my program can add firewall rules 2013-04-12

    This question already has an answer here: How can I programmatically manage iptables rules on the fly? 8 answers I am writing an application using libc, for that am in search of an api for iptables so that i can add firewall rules using my program .i

    Tags: linux, gcc, iptables, libc
  • port knocking using iptables 2013-03-16

    I am using following iptables rules for port knocking. Everything works well, but I would like to improve it by being able to knock from HOST_1 and thereby opening the SSH port for HOST_2. Could somebody please advise if/how that could be done? One p

    Tags: iptables
  • Outgoing connections from dedicated server denied with iptables shut off 2012-08-30

    I have a peculiar problem with my dedicated webserver. It's running CentOS and uses PLESK for administration through web. I noticed the problem in the title when trying to update plugins in wordpress as well as wordpress itself. When trying to update

    Tags: http, wordpress, iptables, dedicated server
  • Linux Bash: Setting iptables rules to allow both active and passive FTP 2012-05-01

    I have a PC on which I have a FTP server installed. I want to set the iptables rules to allow both active and passive FTP. I've tried the following code that people report is working, but it seems to block all traffic for me (pages won't load anymore

    Tags: linux, bash, ftp, iptables
  • Blocking Hotspotshield? 2012-04-28

    I am responsible to monitor my university network and recently I have noticed which students are using a VPN called as "hotspotshield" that pass my proxy server and allow them to browse and use any website or ports, even the ports that are already bl

    Tags: proxy, vpn, squid, iptables
  • How to formulate IP forwarding rule using iptables 2012-04-25

    I have two Systems A and B. A is a TCP Client and sends a message to TCP Server on B. ------------------ -------------------------- System A System B wlan0 wlan0 lo lo TCP Client <------------> TCP Se

    Tags: ubuntu, network programming, iptables, tcpclient, tcpserver
  • Iptables filtering performance: TCP and UDP 2012-04-25

    I am writing to ask about iptables performance in TCP and UDP filtering. I was testing it with large number of iptables rules. When in FORWARD chain is 10 000 mixed TCP and UDP rules i get TCP throughput 35.5 Mbits/sec and UDP throughput 25.2 Mbits/

    Tags: udp, tcp, iptables, throughput
  • IPTables Range of Ports 2012-04-25

    Hey guys in my iptables file I have the following line: -A INPUT -m state --state NEW -m tcp -p tcp --dport 20000:25000 -j ACCEPT Because I'm trying to open a range of ports that will need to be open for multiple (Yes THAT many multiple) different mi

    Tags: centos, iptables
  • Android kernel .config file for Netfilter and iptables 2012-04-18

    The latest android sources(android 4.0.1) come with Iptables 1.4.11. In order to enable iptables and Netfilter, how should the 2.6..35 kernel look like? I googled some sites and got the following config. Do I need to do some changes? Is XTABLES even

    Tags: android, iptables, netfilter, linux kernel
  • Emulate promiscuous mode with iptables 2012-04-17

    I am trying to run snort on my home network but I don't have a switch that will mirror a port. Instead I have an Asus RT-N16 with Tomato (dd-wrt) on it. After hours of searching the only solution I found was here: http://www.snort.org/assets/182/snor

    Tags: iptables, snort, dd wrt

