similar to: iptables rules that work?

Hi, A quick and dirty (aka Rapid Application Developement) AGI script implement using bash shell. No need to invoke a 10MB perl engine to process simple asterisk agi scripts. I found it to be very useful in learning the AGI interface. For example, I learn that AGI won't execute the next command until you read the results from STDIN. Enjoy, Sunny Woo Solution Consultant Avantnix

I've got a server with several ip's on eth0. I want to block all traffic *except* to port 80 on them, but not on any other IPs, so that eth0 is www.xxx.yyy.zzz eth0:1 is www.xxx.yyy.ggg eth0:2 is www.xxx.yyy.hhh I've tried -A RH-Firewall-1-INPUT -p tcp -d www.xxx.yyy.ggg --dport ! 80 -j DROP -A RH-Firewall-1-INPUT -p tcp -d www.xxx.yyy.hhh --dport ! 80 -j DROP and restarted (and

I am forwarding traffic on port 8080 to port 80 with following rule. # iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 8080 -j REDIRECT --to-port 80 # iptables-save However, I am unable to add it directly in /etc/sysconfig/iptables. I think it is used only for filter table and not nat table. So where do nat table rules go? Any help? - cs.

https://bugzilla.netfilter.org/show_bug.cgi?id=1422 Bug ID: 1422 Summary: iptables-nft fails to check / delete rules in raw table Product: iptables Version: 1.6.x Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: major Priority: P5 Component: iptables

Hi, I have 2 CentOS servers 82.201.195.123 & 62.139.61.84 I want to deny all ssh logins on port 22 on (62.139.61.84) from any host except from (82.201.195.123) Can anybody tell me such iptables rules to write in /etc/sysconfig/iptables Currently, im using the following rules (on 62.139.61.84) *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT -

On Thu, Jul 16, 2020 at 9:25 PM Phil Perry <pperry at elrepo.org> wrote: > On 16/07/2020 16:48, Kaushal Shriyan wrote: > > Hi, > > > > I am running CentOS Linux release 8.2.2004 (Core) on a remote server. I > am > > running the below iptables command to allow SSH port 22 from a specific > > source IP 219.91.200.59 > > > > iptables -A INPUT -m

Hi, I am running CentOS Linux release 8.2.2004 (Core) on a remote server. I am running the below iptables command to allow SSH port 22 from a specific source IP 219.91.200.59 iptables -A INPUT -m tcp -p tcp -s 219.91.200.59 --dport 22 -j ACCEPT > service iptables save The above iptables ruleset is not working and I am still able to connect from the internet to SSH port 22. I look forward to

Hi, I have a problem with asterisks on Linux. Looks like it is a iptables problem. My external client (eyebeam, on a different computer) cannot register to the asterisk server, but the asterisk server itself *looks* working. If I dial one of the incoming phone numbers for the server, I can see the call arriving in Asterisk (using asterisk -r). I tried nmap on my server, and this is the result:

-- Executing unixODBCput("SIP/10-cc1b", "BLAH/blah=bkw") in new stack -- unixodbcput: family=BLAH, key=blah, value=bkw -- Executing unixODBCput("SIP/10-cc1b", "BLAH/blah=bk2") in new stack -- unixodbcput: family=BLAH, key=blah, value=bk2 -- Executing unixODBCget("SIP/10-cc1b", "testingget=BLAH/blah") in new stack -- unixodbcget:

Hello, I have faced some problems : 1. With iptables running i can't ping my tincvpn server but as i turn it off i can. i have added all rules mentioned in examples but no success. 2. I want to get internet access on the client which is a win 7 computer using tincVPN but i gained no success either (i can't use bridges because server is a VPS using OpenVZ) so any advice for solving this

http://bugzilla.netfilter.org/show_bug.cgi?id=706 Jan Engelhardt <jengelh at medozas.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jengelh at medozas.de --- Comment #1 from Jan Engelhardt <jengelh at medozas.de> 2011-03-03 14:20:30

Hi all, I've a CentOS box which as two NIC; this box is also a router for LAN subnet: ------------------------------------ | eth0 (external) 172.0.0.1 | | eth1 (internal) 192.168.1.1 | ------------------------------------ | LAN clients (192.168.1.2+) I want to allow http acces only for two LAN boxes; an only http access, which means that others protocols as smtp, pop3,

Hi all, I need an help to implement this kind of rules on shorewall: iptables --insert INPUT -p udp --dport 53 -m u32 --u32 "0x28&0xFFDFDFDF=0x055a5a47 && 0x2c&0xDFDFFFDF=0x53540343 && 0x30&0xDFDFFFFF=0x4f4d0000" -j DROP This kind of rules need to block a DNS Amplification Attack. I found this file

Anyone wishing to help build/manage openenum.net please contact me via email brian@bkw.org ... I would like to have someone assist in building and management. Thanks, bkw

We have a simple configuration so we could get by with this -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -s "SOURCIPADDRESS" -j REJECT --reject-with icmp-host-prohibited it doesn't scale well but servies the purpose. _____________________________________ "He's no failure. He's not dead yet." William

Hello my isp has blocked outgoing and incoming connection for port 5060 . I have ssh access to server so i want to send all traffic from port 5091 to port 5060 of asterisk .so i tried iptables -t nat -A PREROUTING -i eth0 -p udp --dport 5091 -j DNAT --to 127.0.0.1:5060 Now my softphone is able to register with asterisk but it isnt able to make any calls . bindport = 5091 in my sip.conf under

I would like to block all DNS queries that come from one particular ip address. I used TCPdump to verify that the queries were in fact, coming from this IP: [scarolan at server:~]$ sudo tcpdump -n udp port 53 and src 10.100.1.1 tcpdump: listening on eth0 11:12:17.162100 10.100.1.1.19233 > 10.100.1.61.domain: 14270+ A? server.domain.com. (32) (DF) Could someone help with the proper syntax

These all work with sip native transfers and sip attended transfers in the example of "query" option. I tested this on my 7960 and it works great. Please others test it. cd /usr/src/asterisk cp contrib/scripts/astxs /usr/bin/ cd apps wget http://www.bkw.org/app_valetparking.c cd .. astxs -install apps/app_valetparking.c ; ; Lets Auto Park the person in the first available slot in

Just an FYI FireFly no longer works with anything but the FireFly network. No more SIP, No more IAX. It was a damn good IAX client... too bad its crap now. bkw

https://bugzilla.netfilter.org/show_bug.cgi?id=1152 Bug ID: 1152 Summary: iptables-xml crashed on -D rules Product: iptables Version: 1.4.x Hardware: All OS: All Status: NEW Severity: enhancement Priority: P5 Component: unknown Assignee: netfilter-buglog at lists.netfilter.org