similar to: Default CentOS(Redhat) iptables, Secure?

This is a standard RedHat / CentOS firewall configuration, where I told it, through the standard RH setup GUI, that I want ssh and snmp allowed through. Chain INPUT (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- anywhere anywhere Chain FORWARD (policy ACCEPT) target prot opt source

I'm looking to troubleshoot this error when I run "tail /etc/httpd/logs/error_log" [Tue Oct 09 07:22:59 2007] [error] [client 127.0.0.1] Directory index forbidden by rule: /var/www/html/ (I get this when I run Nagios' "./check_http -H 127.0.0.1".) All I did was install CentOS and then modify httpd.conf to include "ServerName 192.168.1.10:80" and also

Hey, I was originally asking questions on xen-users but no one seems to have any idea about this so I figured I''d try this list. I compiled Xen from source (3.2 testing) on an Intel machine running Fedora Core 8 and have discovered that my guest (Windows Vista) does not have a network connection. Looking at various online documentation and a machine that does work, I guessed that I

In following up on the rsh "problem" I was having earlier, I decided to try out the suggestion Felipe sent about using system-config-securitylevel-tui to open up ports 513 and 514, but that doesn't seem to do the job, either. # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- anywhere anywhere

Hi All, Hi All, MySQL 5.0.77 on CentOS 5.4 MySQL is running, my Wordpress stuff is working, but I cannot connect to the server from my house. This server is in my house, however, but on a public IP, behind a firewall, etc. I checked my hardware firewall (a dedicated UnTangle system) and that is successfully allowing the passage. I know this because the firewall shows: 2009-12-22 6:29:41 am

Can you post your Tinc configuration too? El lun., 30 ene. 2017 a las 11:42, Dave Albert (<dave.albert at gmail.com>) escribió: > Here is an extract of my current iptables that are not working: > > iptables -L -n -v > > Chain INPUT (policy DROP 8 packets, 1120 bytes) > pkts bytes target prot opt in out source > destination > 0 0

Sorry if this has been covered before. I setup a new Samba server using RedHat EL 3, and samba 3.0.2-6.3E (the version that comes with Redhat). We were seeing an intermittant 20 seconcd delay when grabbing a directory listing, but only from XP, win 2k was fine. I couldn't completely nail down when the delay occured but it seemed to be when the directory or share hadn't been accessed

Hi?guys. There is a wierd problem with iptables recently, hopes somebody can help me. I have installed Centos 7.2.1511 on a bare metal Dell server these days, disabled firewalld and enabled iptables.services, and setup a group of very simple rules, as the following: # iptables-save # Generated by iptables-save v1.4.21 on Tue Apr 23 09:15:14 2019 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT

I am working to a CentOS 6 server with nonstandard iptables system without rule for ACCEPT ESTABLISHED connections. All tables and chains empty (flush by legacy custom script) so only filter/INPUT chain has rules (also fail2ban chain): Chain INPUT (policy ACCEPT) target prot opt source destination f2b-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all --

I have problem getting answer on http request from all my local subnets but not from local subnet. Ping and requests on ports 21 22 23 25 110 works fine. I logged port 80 in rules files and I got accept entry same for local subnet and other subnets. Local subnet is 192.168.6 Dec 29 09:52:40 zinfsrv2 kernel: Shorewall:loc2fw:ACCEPT:IN=eth0 OUT= MAC=00:09:6b:07:ca:cc:00:10:b5:fa:bd:71:08:00

I am trying to setup some rules on a box with 3 nic cards. Two internet connections and one office connection. eth0 is office eth1 is internet T1 eth2 is internet Cable when I do "iptables -F" then iptables -L everything is gone as it should be. Then I do iptables -t nat -A PREROUTING -p tcp -d $MYIP --dport 6550 -j DNAT --to $INTERNAL_ADDRESS:6550 iptables -t nat -A POSTROUTING -d

Hello, Stephen, thank you for input. Yes, these servers have the same firewall rules, and both of them have the same problem from time to time, most of time they are good. Actually, these servers are newly installed to be used as the Glusterfs storage server, so not much data flowing at this time. >From the sysctl output, I suppose it can't be a conntrack table overflow :

I have a simple requirement/test I'm trying to perform, but having difficulty. I have a system with 2 interfaces, BoxA: eth0? 172.26.50.102 eth1? 192.101.77.62 My goal is to have a tcp port built on BoxA such that hosts on the 192.101.77.0/24 network can reach a port on a different box on the 172.26.0.0/16 network. The target system is 172.26.10.120?? tcp/22 The port I wish to build is

Situation: Running a simple UDP client/server program where the client on one domU on one computer sends echo packets to another domU on another computer, server sends echoes back. They do this on a specified port (will use any port between 5000-6000). This program works on non-Xen machines in various environments, Linux and Solaris. Program just hangs on the domUs. I believe I need help with

I'm trying to do some simple tcp port forwarding [root at wcmisdlin02 ~]# cat /proc/sys/net/ipv4/ip_forward 0 [root at wcmisdlin02 ~]# /bin/echo 1 > /proc/sys/net/ipv4/ip_forward [root at wcmisdlin02 ~]# cat /proc/sys/net/ipv4/ip_forward 1 [root at wcmisdlin02 ~]# iptables --list Chain INPUT (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all --

Hi, I have a big "name problem" with my internal mail server (10.0.0.152). It is "seen" on the internet through DNAT (213.58.230.27). Also there is a MX record pointing to the machine. Everything works fine from the outside. However i can''t set the mail clients on the lan pointing to the mx record, because this one points to 213.58.230.27 and the firewall

Hi, Trying to figure out why I cannot get access to dell.com Their site is up because I can browse using a different firewall. Trying to find out where the logs are located and what log files it would write to if it were to deny browsing to a website. I can see the [UNREPLIED] when using the shorewall status. Was hoping to know what logfile it is writing it to. Thanks in advance, Elmer

Hi, I''ve been making leaps and strides with Xen on FC4. It has been easy to get installed and to start our first virtual host. I''ve got one outstanding issue with iptables that is preventing me progressing further. This is a colo''d server. It has s single NIC with public IPs. The bridge is set to come up binding vif* <> xen-br0 <> eth1. I can start a

Hi, I'm trying to configure nwfilter for KVM, but so far I haven't managed to figure out a working configuration. Network setup: The dom0 (Debian 7.1, kernel 3.2.46-1, libvirt 0.9.12) is connected via eth0, part of the external subnet 192.168.17.0/24, and has an additional subnet 192.168.128.160/28 routed to its main address 192.168.17.125. The host's subnet is configured as bridge

I''m attempting to setup Squid as shown on: http://shorewall.sourceforge.net/Shorewall_Squid_Usage.html#DMZ The firewall is a Bering 1.0 firewall running Shorewall 1.3.11, Red Hat 7.2 on the server in the DMZ. I''m not seeing the requests come in to the server using tcpdump. The server is 192.168.2.1 connecting to eth2 on the firewall, the local traffic I''m trying to