Questions tagged [iptables]

An application that allows a user to configure the tables provided by the Linux firewall. iptables is succeeded by nftables as of 2014.

166 questions
3
votes
1 answer

Is it possible to find out what a remote user is trying to do connecting to a closed port?

From my iptables log, I can observe a particular remote IP address trying to connect to my server from port 80 to a private port number: Jul 09 01:24:41 example.com kernel: IPTABLES: IN=eth1 MAC=xx:xx:xx SRC=abc.a.b.c DST=xyz.x.y.z LEN=44 TOS=0x00…
Question Overflow
3
votes
1 answer

Port Knocking using only Iptables/netfilter

I am using the following iptables rules for port knocking. Everything works well, but it opens the port for just a second and then closes it. So how to improve this script to accept connections for 30 seconds, for example? #!/bin/sh iptables…
TMR_OS
3
votes
2 answers

Is my ISP doing a port scan on my computer?

I have been logging incoming connections with iptables for a while and I have been observing the following popping up periodically: 11:45:10 my.com kernel: IPTABLES: SRC=220.255.XX.XXY DST=192.168.1.2 LEN=40 TOS=0x00 PREC=0x00 TTL=59 ID=50687…
Question Overflow
3
votes
2 answers

Can ipopts be used to circumvent a pf or iptables firewall source IP based blocking?

Can one use ipopts, and in particular IP source routing, to circumvent source-based blocking in pf or iptables? For example, with OpenBSD's pf: block in all # default deny block out all pass in on dc0 from 10.0.0.0/8 to 10.1.1.1 Can IP source…
Brian M. Hunt
3
votes
1 answer

ufw, system-config-firewall-tui, or firewalld vs iptables

Is there any advantage (other than usability) to using ufw, system-config-firewall-tui, or firewalld rather than just using iptables? My understanding is that these other programs just simplify iptables.
Mike Gifford
3
votes
3 answers

Make OSSEC ban ip on remote firewall

I am deploying OSSEC architecture in agent-server mode. I want the server to ban IPs not only on the agent but also on a remote firewall (dedicated iptables server). I've searched the OSSEC documentation but didn't find a way to do this so far ...
0x1gene
3
votes
1 answer

What are the requirements to sniff UDP packets in a Wireless Ad-Hoc network?

In a wireless Ad-Hoc network, I have two computers which communicate in UDP together from 192.168.1.3 to 192.168.1.5. I have a third computer (192.168.1.6) which wants to listen to the packets which are not addressed to it. I can see the packets…
Vladimir Leiv
3
votes
2 answers

How to configure iptables for must open ports?

On my machine there are web services which can be accessed from any PC connected to the same network segment (WiFi for example). I want to use IPtables on the machine to prevent any web services from being accessed by hosts on the Internet at…
sophist
3
votes
0 answers

smb iptables configuration not working with vpn killswitch

My main goal is to set up iptables that work as a VPN killswitch for my openvpn connection. Thanks to a post from forest, this was pretty straightforward: OpenVPN kill switch on Linux. So, everything that is not going to TUN1 should be blocked. Now…
renpen
3
votes
0 answers

Experimenting with SSLStrip+ on the same machine

I am trying to play around to understand how SSLStrip+ works by: $ cat /proc/sys/net/ipv4/ip_forward 1 $ sudo iptables --flush $ sudo iptables --flush -t nat $ sudo iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 9000 $ sudo…
HCSF
3
votes
1 answer

Networking in Qubes OS

I've started recently to use Qubes OS and I want to set up a virtual IDS and IPS in separate VMs, but I can't figure out how the communications between different VMs work here. Each VM should be isolated and all the connections handled by a…
JumpAlways
3
votes
1 answer

Setting up a fake AP - problem with iptables and DNS server

I'm trying to set up a fake AP using aircrack-ng suite, DHCP server & iptables. After creating the fake AP: airmon-ng start wlan1 airbase-ng -c 11 -e "freewifi" wlan1mon running iptables configuration and at0 routing rules (bash…
eyal360
3
votes
1 answer

How to prevent ICMP redirection produced by a man-in-the-middle

How can I prevent my route from being redirected by ICMP redirect packets from a man-in-the-middle? I am specifically looking to avoid someone using ettercap with the -M icmp option. From man ettercap: icmp (MAC/IP) This attack…
user123456
3
votes
2 answers

Dedicated OS vs Debian for SOHO Firewall?

I want to set up a firewall for a small office. I have a server on which I can install an OS of my choice. I was thinking of trying pfSense but ran into some testing problems and tried IPFire (Linux based). Hence I will only be referring to the…
Bamse
3
votes
1 answer

IPtables Linux Firewall and IPsec traffic

Can iptables filter out incoming datagrams that are IPSec-tunneled packets going to port 25?
Leonardo