search for: accept

...ried to connect samba. Without any iptables rules, I have no problem when connecting host os(ubuntu samba server) from guest os Windows XP. I referenced this article, http://troy.jdmz.net/samba/fw/, so I put the following sources in the middle of the source. -A INPUT -p udp -m udp --dport 137 -j ACCEPT -A INPUT -p udp -m udp --dport 138 -j ACCEPT -A INPUT -p tcp -m tcp --dport 139 -j ACCEPT -A INPUT -p tcp -m tcp --dport 445 -j ACCEPT Finally, it doesn't work. I feel now very frustrated... I tried with a lot of combinations, but all failed due to errors as shown below: # smbclient -U...

Hello I got about 20 different people using 20 different PC''s in my Lan. Five of them should have unrestricted access to the internet any time of the day. Yet the rest of them should only have access at certain timeframes during the day. Two of them should have no access at all. I am well experienced in writing rules (for the rules file) that make all this possible, yet i was

...same thing. I can connect from another machine to my machine on port 5038. How do I prevent this? Jerry --------------------------------- This is my firewall: # Firewall configuration written by system-config-securitylevel # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -i eth0 -j ACCEPT -A RH-Firewall-1-INPUT -i eth1 -j AC...

...RD chain, but everytime the libvirtd is restarted the rule comes to the bottom of the chain (Appended). Can anyone suggest me what the solution could be? My IPtable rules are given below: Let me know if any further info is needed. [root at santiago Packages]# iptables -L -n -v Chain INPUT (policy ACCEPT 41 packets, 5818 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT udp -- vbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:53 0 0 ACCEPT tcp -- vbr0 * 0.0.0.0/0 0.0.0.0/0...

...albert at gmail.com>) escribió: > Here is an extract of my current iptables that are not working: > > iptables -L -n -v > > Chain INPUT (policy DROP 8 packets, 1120 bytes) > pkts bytes target prot opt in out source > destination > 0 0 ACCEPT tcp -- lo * 0.0.0.0/0 > 0.0.0.0/0 tcp dpt:3306 > 0 0 ACCEPT udp -- lo * 0.0.0.0/0 > 0.0.0.0/0 udp dpt:3306 > 0 0 NRPE tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 tcp dpt:5666 >...

Hello, I have the following data and I try to properly import it in R and plot the 4th column relative to time 1 2008-249 17:44:17.973 -2.27 00000000: Accepted 2 2008-249 17:44:18.014 -2.28 00000000: Accepted 3 2008-249 17:44:18.064 -2.29 00000000: Accepted 4 2008-249 17:44:18.123 -2.29 00000000: Accepted 5 2008-249 17:44:18.174 -2.29 00000000: Accepted 6 2008-249 17:44:18.225 -2.29 00000000: Accepted...

...s firewall using the official documentation but is not working (obviously), this ti my config: #!/bin/sh echo n Aplicando Reglas de Firewall... ## FLUSH de reglas iptables -F iptables -X iptables -Z iptables -t nat -F ## Establecemos politica por defecto iptables -P INPUT DROP iptables -P OUTPUT ACCEPT iptables -P FORWARD ACCEPT ## Empezamos a filtrar # El localhost se deja (por ejemplo conexiones locales a mysql) /sbin/iptables -A INPUT -i lo -j ACCEPT # Permito las IP iptables -A INPUT -s 192.168.1.5 -j ACCEPT #permito el acceso a servicio ntp /sbin/iptables -A INPUT -s 192.168.2.3 -p udp -m ud...

Hi, I've been able to get tinc setup when I flush all my iptables, but after enabling iptables and a delay I get a "Destination Net Unknown". I have three host (HOME10.0.3.2, MASTER 10.0.3.1, WEB 10.0.3.3) MASTER and WEB are in Digital ocean in the same data centre. HOME <---> MASTER <---> WEB I've tried multiple forwarding/masquerading/etc rules and

I try to do ping between my local network and Internet and i can''t do it, in my policy I have: loc net ACCEPT info loc fw ACCEPT loc dmz ACCEPT info fw loc ACCEPT fw net ACCEPT info fw dmz ACCEPT info dmz...

...had commented out. Anyway,? here is my working iptables-save.? If someone could review my output and let me know if I am missing anything and if the order of the rules are the most secure they could be. TIA. Steve # Generated by iptables-save v1.4.21 on Fri Jun? 1 10:34:39 2018*mangle:PREROUTING ACCEPT [12219:2602452]:INPUT ACCEPT [8766:2101480]:FORWARD ACCEPT [0:0]:OUTPUT ACCEPT [7093:2183351]:POSTROUTING ACCEPT [7093:2183351]COMMIT# Completed on Fri Jun? 1 10:34:39 2018# Generated by iptables-save v1.4.21 on Fri Jun? 1 10:34:39 2018*nat:PREROUTING ACCEPT [3836:607509]:INPUT ACCEPT [130:21132]:O...

...f /var/lock/subsys/ipchains ] && /etc/init.d/ipchains stop) >/dev/null 2>&1 || true (rmmod ipchains) >/dev/null 2>&1 || true /sbin/iptables -F /sbin/iptables -X /sbin/iptables -Z /sbin/iptables -P INPUT DROP /sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT /sbin/iptables -A INPUT -p tcp ! --syn -j REJECT --reject-with tcp-reset /sbin/iptables -A INPUT -m state --state INVALID -j DROP /sbin/iptables -P OUTPUT DROP /sbin/iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT /sbin/iptables -A OUTPUT -p tcp ! --syn -j REJECT --reject-with tcp...

...les -F iptables -X iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP /bin/echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_all /bin/echo "1" > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts /bin/echo "0" > /proc/sys/net/ipv4/conf/all/accept_source_route /bin/echo "0" > /proc/sys/net/ipv4/conf/all/accept_redirects /bin/echo "1" > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses /bin/echo "1" > /proc/sys/net/ipv4/conf/all/rp_filter /bin/echo "1" > /proc/sys/net/ipv4/conf/a...

...######################################## ############################################################################### # aplicando as regras contra ataques de negacao de servico # contra ping of death # iptables -t nat -A PREROUTING -i eth1 -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT # contra ataques syn-flood # iptables -t nat -A PREROUTING -i eth1 -p tcp -m limit --limit 1/s -j ACCEPT # contra port scanners avancados (nmap) # iptables -t nat -A PREROUTING -i eth1 -p tcp --tcp-flags SYN,ACK FIN,RST -m limit --limit 1/s -j ACCEPT ################################################...

...able or conflicts with another daemon. I have port 2049 listed in my iptables. Is there a reason I cannot mount? thanks, Jerry ------------------------------ # Firewall configuration written by system-config-securitylevel # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INP...

...eth0 8000.0019b932c635 no peth0 tap0 vif2.0 virbr0 8000.000000000000 yes Iptables output: [root@moosen ~]# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT udp -- anywhere anywhere udp dpt:domain ACCEPT tcp -- anywhere anywhere tcp dpt:domain ACCEPT udp -- anywhere anywhere udp dpt:bootps ACCEPT tcp -...

...om the lan to the firewall and restricted access from the internet. Isn`t it possible to configure shorewall only for the wan interface and let the lan interface untouched from shorewall/iptables? Is there a simple rule/policy to allow all access f- policiy loc net ACCEPT loc all ACCEPT fw loc ACCEPT loc fw ACCEPT fw net ACCEPT net all DROP info all all REJECT info - rules ACCEPT n...

Here is an extract of my current iptables that are not working: iptables -L -n -v Chain INPUT (policy DROP 8 packets, 1120 bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT tcp -- lo * 0.0.0.0/0 0.0.0.0/0 tcp dpt:3306 0 0 ACCEPT udp -- lo * 0.0.0.0/0 0.0.0.0/0 udp dpt:3306 0 0 NRPE tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:5666 0 0 ACCEPT icmp -- *...

...t redirect to webserver for ports 80 and 443 all the rest services are ok only that services have problems, thanks for all now my /etc/sysconfig/iptables is this: # Firewall configuration written by redhat-config-securitylevel # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT - [0:0] #-A INPUT -j RH-Firewall-1-INPUT #-A FORWARD -j RH-Firewall-1-INPUT #-A RH-Firewall-1-INPUT -i lo -j ACCEPT #-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT #-A RH-Firewall-1-INPUT -p 50 -j ACCEPT #-A RH-Firewall...

...utefilter,norfc1918 loc eth1 192.168.10.255 dhcp dmz eth2 192.168.11.255 dhcp --masq-- eth0 192.168.10.0/24 eth0 192.168.11.0/24 --routestopped-- eth1 - eth2 - --policy-- loc net ACCEPT fw net ACCEPT dmz net ACCEPT ULOG net all DROP ULOG all all REJECT ULOG --rules-- ACCEPT fw net tcp 53 ACCEPT fw...

...sted recently about getting Samba4 to work on CentOS 6.4 but having changes only replicating in one direction, from the Win2k3 AD but not back to it. I solved the problem, this time, by disabling iptables. I find it a bit hard to understand. These are the rules I have set up: *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [52:5888] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -m udp -p udp --dport 53 -m comment --comment "DNS" -j...