Displaying 20 results from an estimated 10000 matches similar to: "iptable rule for bypassing netfilter queue for a matching address."
2011 Dec 27
1
Netfilter QUEUE (NFQUEUE) Support on XEN based VPS
Hi all,
I have been trying to run an IDS system on OpenVZ based VPS which requires that I run this IPTABLES command :
iptables -A FORWARD -j NFQUEUE
However, so far I have not suceeded. I always get this errors:
iptables: Unknown error 4294967295
Even when the NFQUEUE IP modules was enabled by the VPS provider, I still get these errors and this appears to be OpenVZ bug.
So I want to
2014 Dec 30
1
[Bug 992] New: Missing space between NFQUEUE extra parameters
https://bugzilla.netfilter.org/show_bug.cgi?id=992
Bug ID: 992
Summary: Missing space between NFQUEUE extra parameters
Product: iptables
Version: 1.4.x
Hardware: x86_64
OS: Ubuntu
Status: NEW
Severity: enhancement
Priority: P5
Component: iptables-save
Assignee:
2024 Apr 03
9
[Bug 1742] New: using nfqueue breaks SCTP connection (tracking)
https://bugzilla.netfilter.org/show_bug.cgi?id=1742
Bug ID: 1742
Summary: using nfqueue breaks SCTP connection (tracking)
Product: libnetfilter_queue
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: libnetfilter_queue
Assignee:
2013 Apr 11
1
[Bug 778] NFQUEUE --queue-bypass accepts all packets when no userspace application is available
https://bugzilla.netfilter.org/show_bug.cgi?id=778
Florian Westphal <fw at strlen.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
CC| |fw at strlen.de
--- Comment #1 from Florian Westphal
2014 May 19
6
[Bug 941] New: --queue-balance sending all traffic to queue 0
https://bugzilla.netfilter.org/show_bug.cgi?id=941
Summary: --queue-balance sending all traffic to queue 0
Product: netfilter/iptables
Version: linux-2.6.x
Platform: x86_64
OS/Version: other
Status: NEW
Severity: normal
Priority: P5
Component: nfnetlink_queue
AssignedTo: netfilter-buglog at
2012 Apr 25
1
forwarding packets to service in same host without using loopback network
This question is not about linux usage. But still i think user list
is a good crowd for linux programmer. So here it goes.
I have this libnetfilter_queue application which receives packets from
kernel based on some iptables rule. Before going straight to my
problem, i'm giving a sample workable code and other tools to set up a
test environment so that We problem definition and possible
2020 Nov 09
1
[Bug 1480] New: SLES15 Default Iptable rule causing issue
https://bugzilla.netfilter.org/show_bug.cgi?id=1480
Bug ID: 1480
Summary: SLES15 Default Iptable rule causing issue
Product: iptables
Version: 1.6.x
Hardware: x86_64
OS: SuSE Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: iptables
Assignee: netfilter-buglog at
2009 Sep 14
1
[Bug 606] New: Iptables-restore removing the wrong rules
http://bugzilla.netfilter.org/show_bug.cgi?id=606
Summary: Iptables-restore removing the wrong rules
Product: iptables
Version: unspecified
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P1
Component: iptables-restore
AssignedTo: laforge at netfilter.org
ReportedBy: me
2006 Nov 12
1
Script for get bandwidth statistic from iptable
i search a lot forum how to get bandwidth statistic such number of packet, total byte in each application protocol by using IPTABLES + netfilter-layer7
but i don''t know which script for getting it in log file and use data after get it for plotting graph later
my IPTABLES command like this
iptables -t mangle -N all
iptables -t mangle -A POSTROUTING -j all
iptables -t mangle -A
2014 May 13
0
[Bug 939] New: extensions: NFQUEUE: missing cpu-fanout
https://bugzilla.netfilter.org/show_bug.cgi?id=939
Summary: extensions: NFQUEUE: missing cpu-fanout
Product: netfilter/iptables
Version: linux-2.6.x
Platform: x86_64
OS/Version: Debian GNU/Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: ip_tables (kernel)
AssignedTo:
2019 Feb 13
1
[Bug 1322] New: Accepting in an nfqueue breaks multi-chain processing
https://bugzilla.netfilter.org/show_bug.cgi?id=1322
Bug ID: 1322
Summary: Accepting in an nfqueue breaks multi-chain processing
Product: nftables
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: kernel
Assignee: pablo at
2020 Aug 27
0
[Bug 1455] New: Queue verdict cannot be used in vmap
https://bugzilla.netfilter.org/show_bug.cgi?id=1455
Bug ID: 1455
Summary: Queue verdict cannot be used in vmap
Product: nftables
Version: unspecified
Hardware: arm
OS: Ubuntu
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2007 Nov 20
3
Shorewall 4.1.0
I''ve opened up development of Shorewall 4.1.
While I had previously announced that Shorewall 4.1 would focus on IPv6, I
have since learned that the netfilter team are developing ''xtables'', a
unified IP0v4/IPv6 utility. It seems silly to spend the effort to add
Shorewall support for IPv6 only to then have to turn around and convert it
to use xtables. So I''ve
2011 May 26
1
[ANNOUNCE]: Release of iptables-1.4.11
The netfilter coreteam presents:
iptables version 1.4.10
the iptables release for the 2.6.39 kernels. Due to some mistakes
on my side we didn't have a release for longer than expected, so
this contains a rather large number of changes.
Changes include:
- various bugfixes, cleanups and documentation updates
- a new "guided option parser" from Jan, replacing a lot of the
2013 Mar 20
2
netfilter+libvirt=(smth got broken?)
Hello,
I'm having problem setting up filtering traffic for a virtual machine
managed by libvirt. Strange thing is, such a setup has been working fine
for me on an older version of distro (namely, opensuse 11.3 w/updates,
kernel 2.6.34, libvirt 0.8.8) but refused to work on shiny new opensuse
12.4 (kernel 3.7.10, libvirt 1.0.2).
The definition of filter in question is pretty simple:
2006 Feb 11
0
[Bug 447] New: iptables doesn't support multiple times the same match in one rule
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=447
Summary: iptables doesn't support multiple times the same match
in one rule
Product: iptables
Version: 1.3.5
Platform: All
OS/Version: All
Status: NEW
Severity: major
Priority: P2
Component: iptables
AssignedTo:
2013 Aug 02
1
[Bug 837] New: Large ICMP packets are lost
https://bugzilla.netfilter.org/show_bug.cgi?id=837
Summary: Large ICMP packets are lost
Product: libnetfilter_queue
Version: unspecified
Platform: x86_64
OS/Version: other
Status: NEW
Severity: normal
Priority: P5
Component: libnetfilter_queue
AssignedTo: netfilter-buglog at lists.netfilter.org
2017 Nov 13
2
[Bug 1202] New: Cannot match on both dport and sport in one nftables rule
https://bugzilla.netfilter.org/show_bug.cgi?id=1202
Bug ID: 1202
Summary: Cannot match on both dport and sport in one nftables
rule
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Debian GNU/Linux
Status: NEW
Severity: normal
Priority: P5
Component: nft
2012 Aug 03
1
[SOLVED] iptables rule question for Centos 5
We have a simple configuration so we could get by with this
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j
ACCEPT
-A RH-Firewall-1-INPUT -s "SOURCIPADDRESS" -j REJECT --reject-with
icmp-host-prohibited
it doesn't scale well but servies the purpose.
_____________________________________
"He's no failure. He's not dead yet."
William
2019 Jun 19
2
[Bug 1344] New: Segmentation fault in nft add rule ip ipv4table ipv4chain-1 tcp sport { 12345-54321 }
https://bugzilla.netfilter.org/show_bug.cgi?id=1344
Bug ID: 1344
Summary: Segmentation fault in nft add rule ip ipv4table
ipv4chain-1 tcp sport { 12345-54321 }
Product: nftables
Version: unspecified
Hardware: All
OS: Ubuntu
Status: NEW
Severity: critical
Priority: P5