Displaying 20 results from an estimated 10000 matches similar to: "Blocking an IP address both as source and destination"
2016 Jun 20
3
Redirecting port 8080 to port 80 - how to add in /etc/sysconfig/iptables file?
Good evening,
on a CentOS 7 LAMP (not gateway) dedicated server I am
using iptables-services with the following /etc/sysconfig/iptables:
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [294:35064]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type any -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp -m
2016 Jun 21
4
Redirecting port 8080 to port 80 - how to add in /etc/sysconfig/iptables file?
Hello Gordon and others
On Tue, Jun 21, 2016 at 4:13 PM, Gordon Messmer <gordon.messmer at gmail.com>
wrote:
> On 06/21/2016 02:30 AM, Alexander Farber wrote:
>
>> -A PREROUTING -p tcp -m tcp -d 144.76.184.154/32 --dport 80 -j REDIRECT
>> --to-ports 8080
>>
>
>
> I think you have the ports backward, here.
>
here the problem description again:
I have
2016 Jun 21
2
Redirecting port 8080 to port 80 - how to add in /etc/sysconfig/iptables file?
Hello again,
unfortunately the following /etc/sysconfig/iptables file does not work:
*nat
:INPUT ACCEPT
:OUTPUT ACCEPT
:PREROUTING ACCEPT
:POSTROUTING ACCEPT
#-A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
-A PREROUTING -p tcp -m tcp -d 144.76.184.154/32 --dport 80 -j REDIRECT
--to-ports 8080
COMMIT
*filter
:INPUT DROP
:OUTPUT ACCEPT
:FORWARD DROP
-A INPUT -m state --state
2016 May 31
3
iptables.service listed as: not-found inactive dead
Hello fellow CentOS users,
on a freshly installed 7.2 machine and after reading
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/chap-Managing_Services_with_systemd.html
I try to enable iptables with following commands:
# cat /etc/centos-release
CentOS Linux release 7.2.1511 (Core)
# rpm -qa | grep iptables
iptables-1.4.21-16.el7.x86_64
2011 Apr 24
3
Adding comments to /etc/sysconfig/iptables
Hello,
I'm a user (and big fan) of CentOS 5.6 and in my /etc/sysconfig/iptables
there are few blocking rules for some annoying visitors of my website
(I run a card game there since many years and some people are "special"):
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [294:35064]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A
2015 Dec 29
1
Firewall trouble?
Alright, I have setup the new rules and am waiting to see if I have any
issues. If I do, I will keep working on it. I also read the article
below, which mentions exactly what you I was told about 2008 and newer
using different ports.
https://support.microsoft.com/en-us/kb/929851
Here is the new configuration:
root at dc01:~# iptables -S
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -m
2015 Dec 28
9
Firewall trouble?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
I recently tried adding a firewall to my Samba 4 server using the port
information I found on the wiki. Below is a dump of the resulting rules.
root at dc01:~# iptables -S
- -P INPUT DROP
- -P FORWARD DROP
- -P OUTPUT ACCEPT
- -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
- -A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m
2015 Dec 29
1
Firewall trouble?
I just looked up 42 and 68. I do not use WINS or BOOTP. I am removing
range 1024-5000 and replacing it with 49612-65535 now. I already allowed
389 TCP.
Lead IT/IS Specialist
Reach Technology FP, Inc
On 12/29/2015 03:58 AM, L.P.H. van Belle wrote:
> Hai,
>
> Im missing a few things.
>
> And maybe time server port to open? Are your dc's time server also?
> These are the
2016 Jun 21
2
Redirecting port 8080 to port 80 - how to add in /etc/sysconfig/iptables file?
On Tue, 2016-06-21 at 15:46 +0100, Always Learning wrote:
> On Tue, 2016-06-21 at 16:24 +0200, Alexander Farber wrote:
>
> > *nat
> > :INPUT ACCEPT
> > :OUTPUT ACCEPT
> > :PREROUTING ACCEPT
> > :POSTROUTING ACCEPT
> > -A PREROUTING -p tcp --dst 144.76.184.154 --dport 8080 -j REDIRECT
> > --to-port 80
>
>
2010 Oct 05
1
iptables failure at the last line
Hello,
can anybody please spot an error here?
# sudo service iptables start
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: filter [ OK ]
Unloading iptables modules: [ OK ]
Applying iptables firewall rules: iptables-restore: line 20 failed
2020 Sep 09
5
[Bug 1463] New: nft --json table list ruleset crashes
https://bugzilla.netfilter.org/show_bug.cgi?id=1463
Bug ID: 1463
Summary: nft --json table list ruleset crashes
Product: nftables
Version: unspecified
Hardware: All
OS: Debian GNU/Linux
Status: NEW
Severity: major
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2005 Jan 11
2
dnat problem
Hi,
I have a proxy/firewall,
I want to dnat requests for 193.205.140.106 on port 443 towards
10.2.15.23 and requests for 193.205.140.106 on ports 4330 and 3389
towards 10.2.15.25, these rules must apply from internet, loc and fw
(some client use a proxy on fw to reach these servers)
I have tried with the following rules:
DNAT net dmz:10.2.15.23 tcp 443 -
2004 Dec 29
18
No response on port 80 with Shorewall
I have problem getting answer on http request from all my local subnets
but not from local subnet.
Ping and requests on ports 21 22 23 25 110 works fine.
I logged port 80 in rules files and I got
accept entry same for local subnet and other subnets.
Local subnet is 192.168.6
Dec 29 09:52:40 zinfsrv2 kernel: Shorewall:loc2fw:ACCEPT:IN=eth0 OUT=
MAC=00:09:6b:07:ca:cc:00:10:b5:fa:bd:71:08:00
2007 Sep 29
1
samba with iptables
Hi,
system info:
ubuntu 7.04 (Host OS)
samba 3.0.24 (installed with apt-get)
vmware-server 6.0.1
windows XP (Guest OS)
I was using the iptables script provided by iptablesrocks.org. It's been
quite useful, but I ran into a problem when I tried to connect samba.
Without any iptables rules, I have no problem when connecting host
os(ubuntu samba server) from guest os Windows XP.
I referenced
2005 Jul 30
2
Qos wiht HTB for ADSL/Home
Hi,
My home setup is as following:
- 1024/128 kbit ADSL
- FC3
I set up HTB to prioritize traffic. I am not very pleased with the
obtained results.
The scope of my setup is to have some ssh sessions with remote servers
while browsing websites and running aMule Nothing complicated (I
think... ;).
The very high priority traffic (ssh), gets stuck when I start aMule and
make an FTP download.
2012 May 08
19
Shorewall, TPROXY, Transparent Squid and Multiples ISP
Hello,
I wonder if someone could use the TPROXY with Shorewall and
transparent Squid with using the routing rules on shorewall
(tcrules) for hosts / networks (LAN) with multiples providers (WANs)
directly from the internal network on port 80 (with TPROXY
transparent squid or REDIRECT).
On this issue, the routing rules is not work propertly because the
source is the
2015 Dec 28
0
Firewall trouble?
On 28/12/15 15:33, Ryan Ashley wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> I recently tried adding a firewall to my Samba 4 server using the port
> information I found on the wiki. Below is a dump of the resulting rules.
>
> root at dc01:~# iptables -S
> - -P INPUT DROP
> - -P FORWARD DROP
> - -P OUTPUT ACCEPT
> - -A INPUT -m conntrack --ctstate
2015 Dec 28
0
Firewall trouble?
On 12/28/2015 10:33 AM, Ryan Ashley wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> I recently tried adding a firewall to my Samba 4 server using the port
> information I found on the wiki. Below is a dump of the resulting rules.
>
> root at dc01:~# iptables -S
> - -P INPUT DROP
> - -P FORWARD DROP
> - -P OUTPUT ACCEPT
> - -A INPUT -m conntrack
2015 Dec 29
0
Firewall trouble?
Hai,
Im missing a few things.
And maybe time server port to open? Are your dc's time server also?
These are the ports i've set.
TCP what im having.
22,42,53,88,135,139,389,445,464,636,3268,3269,1024:5000,49612:65535
How you did:
22,53,88,135,139,445,464,636,1024:5000,3268,3269
Your missing 42 389 and range : 49612:65535
UDP what im having.
53,67,68,88,123,137,138,389,464
How you
2008 Dec 02
2
iptables-save: INPUT DROP [26:8260]
Hello,
why does iptables-save print 2 numbers in square brackets?
Is it used for anything? Is it number of inspected packets
(and what's the other number then)?
And what does *filter mean?
Thank you
Alex
$ sudo iptables-save
# Generated by iptables-save v1.3.5 on Tue Dec 2 23:53:56 2008
*filter
:INPUT DROP [26:8260]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [376:82274]
-A INPUT -m state --state