Questions tagged [iptables]

iptables is the userspace command line program used to configure the Linux 2.4.x and 2.6.x IPv4 packet filtering ruleset. It is targeted towards system administrators. Please, when asking a question about iptables, add the output from the following command: iptables -L -v -n

iptables is a userspace utility that complements the Linux kernel-level Netfilter firewall.

When seeking help with firewall configuration, it is advisable to supply iptables-save output, which gives a readable ruleset listing, and possibly to append iptables -L -v -n output, which gives the matching ruleset information.

6406 questions
2 votes, 2 answers

Secure iptables config for Samba

I'm trying to set up an iptables config such that outbound connections from my CentOS 6.2 server are allowed ONLY if they are of state ESTABLISHED. Currently, the following setup is working great for sshd, but all the Samba rules get totally ignored…
Eric
2 votes, 1 answer

iptables after drop ftp goes through

I cannot deny access to FTP for an IP address. First of all I needed to deny everything so I did like this: #iptables -F #iptables -P INPUT DROP #iptables -P OUTPUT DROP #iptables -P FORWARD DROP Then I opened FTP: #modprobe…
Mike
2 votes, 2 answers

iptables blocking traffic

Can someone please explain why IPTABLES is blocking any ports in this list of rules: Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere state…
DD.
2 votes, 1 answer

Slumbering apache server refusing connections, but not via localhost

I'm pushing a moderate amount of traffic (about 20 req/s) to a simple PHP API running on an Apache server. The Apache server slumbers (mod_status barely registers one active request), however, I'm seeing "Connection Refused" errors happening…
Ross
2 votes, 2 answers

How can I get port forwarding to work with iptables?

I want to protect my MySQL Server from portscanners/probes. So my idea is to put the external port on let's say 36636, internal port has to stay at the default 3306 for compatibility with local apps. A MySQL client connects to…
Tobe
2 votes, 2 answers

Redirect traffic between two ports with iptables

My goal is to run a webserver on port 3000 and make it available to my network over port 80. The best answer I found so far is this nice one-liner. iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3000 But this only affects…
TheHelix
2 votes, 2 answers

Iptables: Forwarding packets doesn't work

I have 3 Linux Systems A, B and C. A is a TCP Client and sends a message to TCP Server on C. A can see only the external IP of B which is at wlan0 interface, 192.168.0.3 ------------------ --------------------- …
user907810
2 votes, 1 answer

IPTables unable to NAT through VPN

I have a VPN connection to a server on a remote location. I want other PCs to be able to reach the webserver on the remote location through the VPN connector. But I can't get where I want. This is the situation: VPN Server (and also the webserver):…
cygnusx
2 votes, 4 answers

How to formulate IP forwarding rule using iptables

I have two Systems A and B. A is a TCP Client and sends a message to TCP Server on B. ------------------ -------------------------- System A System B 192.168.0.5 wlan0 192.168.0.3 wlan0 …
user907810
2 votes, 1 answer

Routing smtp and pop3 past iptables through proxy

Following setup: Client(Outlook) <-----> |eth1 PROXY eth0 | <------> Interwebs How do I manage to do this? Setting the standard policy of all filter tables to ACCEPT doesn't change a thing, so is prerouting the way to go? Greets, Kai
Kai
2 votes, 1 answer

iptables is not allowing me to contact my dns nameservers

I have the following iptables rules: Chain INPUT (policy DROP) target prot opt source destination ACCEPT tcp -- anywhere anywhere tcp dpt:ssh ACCEPT tcp -- anywhere anywhere …
arrowill12
2 votes, 4 answers

CentOS not allowing remote MySQL connections

When assigning a user from a remote IP to connect to a database it is saying that it's failing to connect. It is also failing to connect with root so something is wrong. Bind IP is off and I have also tried disabling iptables, still no dice. Port…
nd8ad
2 votes, 1 answer

Set generic iptables rules?

This may be a really dumb question but how can you open a port on multiple interfaces without defining the interfaces? For example how do I open port 22 on all interfaces? On my machine I have some interfaces that are dynamic and may or may not be…
tftd
2 votes, 2 answers

IPtables: is there a minimum UDP packet size for a DNS lookup?

IPtables for a virtual dedicated server. I would like to block UDP scans and I was wondering whether there's a minimum packet size for a DNS lookup? Nmap sends 0-byte UDP packets (source : http://nmap.org/bennieston-tutorial/ ), but there're…
Kris
2 votes, 3 answers

Limit UDP connections per IP iptables

I want to limit connections per IP for a specific UDP port. I got it working for TCP, but somehow it doesn't work on UDP. These are my rules: For TCP (working) iptables -A INPUT -p tcp --syn --dport 7787 -m connlimit --connlimit-above 3 -j REJECT…
habl