Displaying 20 results from an estimated 8000 matches similar to: "Firewalling certain IP ranges"
2004 Dec 21
5
Is 'publish' proxy arp still broken ?
Can't get proxy arp with arp -s <IPaddr> <MACaddr> pub
to work with a 2.4 kernel. I see some evidence in the archive
that this was broken in the 2.0.x timeframe and never fixed.
Anyone know for sure if it's broken or working ?
(I'm attempting to route a few addresses into a routed
network, from the ethernet side of a DSL router that
has a /29 public
2005 Apr 06
2
Multipath routing + traffic separation problem.
Hello,
I have set up a multipath gateway.
System is a linux 2.4.29 kernel, iproute 20010824, iptables 1.2.11.
here is the setup:
firewall:/# ip rule
0: from all lookup local
100: from all lookup main
152: from all fwmark 10 lookup wan1
153: from all fwmark 20 lookup wan2
201: from 213.223.96.121 lookup wan1
202: from 82.236.230.217 lookup wan2
1000: from
2004 Nov 25
6
Logfile entry query
Hi,
I get frequent logfile entries from Shorewall similar to the following:
Nov 25 11:22:51 10.0.0.248 kernel: Shorewall:net2mill:DROP:IN=eth2
OUT=eth0 SRC=202.96.117.50 DST=10.0.0.10 LEN=56 TOS=0x00 PREC=0x00
TTL=241 ID=0 PROTO=ICMP TYPE=11 CODE=0 [SRC=10.0.0.10
DST=202.101.167.133 LEN=48 TOS=0x00 PREC=0x00 TTL=1
ID=13591 DF PROTO=TCP INCOMPLETE [8 bytes] ]
Could someone explain what the
2003 Aug 31
4
linux-ha heartbeat .. failover firewall
I have searched your FAQ's and read the documentation on your site as well
as googling. I am not able to figure this out. If you have any ideas can
you please help.
I am using the linux-ha failover with redundant firewalls.
As part of the function of the linux-ha software consists a service called
heartbeat which is a connection from each failover node through a serial
cable or ethernet.
2005 Jan 11
2
dnat problem
Hi,
I have a proxy/firewall,
I want to dnat requests for 193.205.140.106 on port 443 towards
10.2.15.23 and requests for 193.205.140.106 on ports 4330 and 3389
towards 10.2.15.25, these rules must apply from internet, loc and fw
(some clients use a proxy on fw to reach these servers)
I have tried with the following rules:
DNAT net dmz:10.2.15.23 tcp 443 -
2015 Dec 28
9
Firewall trouble?
I recently tried adding a firewall to my Samba 4 server using the port
information I found on the wiki. Below is a dump of the resulting rules.
root@dc01:~# iptables -S
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -m
2004 Aug 05
9
Not able to access website
Hi,
Trying to figure out why I cannot get access to dell.com
Their site is up because I can browse using a different firewall.
Trying to find out where the logs are located and what log files it
would write to if it were to deny browsing to a website. I can see the
[UNREPLIED] when using the shorewall status. Was hoping to know what
logfile it is writing it to.
Thanks in advance,
Elmer
2004 Dec 29
18
No response on port 80 with Shorewall
I have problem getting answer on http request from all my local subnets
but not from local subnet.
Ping and requests on ports 21 22 23 25 110 works fine.
I logged port 80 in rules files and I got
accept entry same for local subnet and other subnets.
Local subnet is 192.168.6
Dec 29 09:52:40 zinfsrv2 kernel: Shorewall:loc2fw:ACCEPT:IN=eth0 OUT=
MAC=00:09:6b:07:ca:cc:00:10:b5:fa:bd:71:08:00
2015 Dec 29
1
Firewall trouble?
Alright, I have setup the new rules and am waiting to see if I have any
issues. If I do, I will keep working on it. I also read the article
below, which mentions exactly what I was told about 2008 and newer
using different ports.
https://support.microsoft.com/en-us/kb/929851
Here is the new configuration:
root@dc01:~# iptables -S
-P INPUT DROP
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -m
2005 Nov 25
1
2 WAN links and DNAT
Hi
Here is a short description of my network:
ppp0 (adsl) ppp1 (adsl)
| |
| |
---------------------
| Router |
| Firewall |
| MASQUERAD |
| DNAT |
| |
| eth0 |
---------------------
|
|
|
----------------------
|
2015 Dec 29
1
Firewall trouble?
I just looked up 42 and 68. I do not use WINS or BOOTP. I am removing
range 1024-5000 and replacing it with 49612-65535 now. I already allowed
389 TCP.
Lead IT/IS Specialist
Reach Technology FP, Inc
On 12/29/2015 03:58 AM, L.P.H. van Belle wrote:
> Hai,
>
> I'm missing a few things.
>
> And maybe time server port to open? Are your dc's time server also?
> These are the
2009 Aug 04
4
firewall setup for nfs
Below is my firewall rules for iptables.
everything is working fine except for NFS
I cannot mount my drive.
If I turn off iptables I can mount.
Looking at this :
http://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-nfs.html
Important
In order for NFS to work with a default installation of Red Hat
Enterprise Linux with a firewall enabled, IPTables with the default TCP
port 2049
2018 May 30
3
Password recovery trick not working on CentOS
Hi,
I remember back in the days, there was a neat trick to recover a lost
root password, or more exactly, redefine a new password for root.
1. In the bootloader, boot the system with the 'init=/bin/bash' kernel
argument.
2. Remount the root partition in read-write mode:
# mount -o remount,rw /
3. Set the password for root:
# passwd
4. Remount the root partition in read-only
2003 Oct 21
3
*samba3 ports
Dear netters,
My linux box is installed with samba 3.0.0 and joined with NT domain (w2k
based). Samba are working fine, until I filter the incoming traffic using
iptables (v1.2.7a) on default RedHat 9 kernel 2.4.20-8, using these rules:
[root@Bhp-0m03-0472 root]# cat /etc/sysconfig/iptables
# Generated by iptables-save v1.2.7a on Sun Oct 12 19:36:36 2003
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT
2016 Jun 21
4
Redirecting port 8080 to port 80 - how to add in /etc/sysconfig/iptables file?
Hello Gordon and others
On Tue, Jun 21, 2016 at 4:13 PM, Gordon Messmer <gordon.messmer at gmail.com>
wrote:
> On 06/21/2016 02:30 AM, Alexander Farber wrote:
>
>> -A PREROUTING -p tcp -m tcp -d 144.76.184.154/32 --dport 80 -j REDIRECT
>> --to-ports 8080
>>
>
>
> I think you have the ports backward, here.
>
here the problem description again:
I have
2019 Feb 12
1
Samba and ufw (Martin McGlensey)
Louis,
Made the changes. Still unable to mount office. Firewall also blocks
Thunderbird mail and maybe internet. Will check that more fully
later. Any thoughts on Tony's response?
Outputs:
martin@radio:/etc$ sudo apt-get install ufw
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no
2007 Sep 12
4
ASTERISK BOX behind a firewall
Hi All,
I want to put an ASTERISK BOX behind a Firewall. So I have given the rules below.
iptables -A FORWARD -p udp -d 192.168.101.30 -m multiport --dports
3478,4569,5060 -m state --state NEW -j ACCEPT
iptables -A FORWARD -p udp -d 192.168.101.30 --dport 10000:20000 -m state
--state NEW -j ACCEPT
iptables -t nat -A PREROUTING -p udp -i eth0 -d 1.2.3.4 -m multiport
--dports 3478,4569,5060 -j DNAT
2005 Aug 09
4
Too slow computer?
Hello! I've put some questions on this list some weeks
ago and I've got good answers. Thank you!
Now I've finished my (beautiful) script and I ran it
on my router...
About my script:
It routes packages based on their destination on the
Internet. I have about 1650 preferred destination
networks listed in some file. The script read this
file and marks every package for
2012 Apr 25
1
forwarding packets to service in same host without using loopback network
This question is not about linux usage. But still I think user list
is a good crowd for linux programmer. So here it goes.
I have this libnetfilter_queue application which receives packets from
kernel based on some iptables rule. Before going straight to my
problem, I'm giving a sample workable code and other tools to set up a
test environment so that We problem definition and possible
2020 Sep 09
5
[Bug 1463] New: nft --json table list ruleset crashes
https://bugzilla.netfilter.org/show_bug.cgi?id=1463
Bug ID: 1463
Summary: nft --json table list ruleset crashes
Product: nftables
Version: unspecified
Hardware: All
OS: Debian GNU/Linux
Status: NEW
Severity: major
Priority: P5
Component: nft
Assignee: pablo at netfilter.org