Questions tagged [traffic-filtering]

Traffic filtering allows a device to apply security restrictions to network traffic. Filtering can be done on many levels but the most common are TCP, UDP and IP filtering.

41 questions
6 votes, 1 answer

Tools for detecting network traffic filtering

In Iran we have an ongoing problem with the govt. blocking and manipulating various network protocols. I'm looking for a tool, framework or platform to help us analyze and report on any of these activities. If the framework would let us write custom…
Iman
  • 63
  • 4
3 votes, 1 answer

Ingress filtering in Linux traffic control: Redirect traffic to IFB device

I have an openwrt router and I want to shape incoming traffic in order to classify all the traffic addressed to a certain IP address in my home network as low priority. For that purpose I want to redirect all traffic incoming to the eth1 interface,…
Dani Camps
  • 301
  • 6
  • 11
3 votes, 4 answers

Is there a good way to keep IPv6 multicast packets off WiFi?

I work on a product that consists of a number of headless Linux boxes that work together as a cluster. These boxes synchronize their state with each other by sending proprietary-format link-local IPv6 multicast packets (to ff12::xxxx%en0). These…
Jeremy Friesner
  • 1,311
  • 1
  • 14
  • 25
2 votes, 2 answers

Limit packet rate, open connections, and IP addresses

On Linux, can I use tools like tc, iptables or others to control/shape network traffic on a network interface, for the following purposes: Control the network packet number rate (or the total number). Control the number of IP addresses connected…
2 votes, 2 answers

How to stop a site from redirecting to yours?

One of our competitors recently shut down. Instead of just taking their site down, they decided to redirect all their traffic to us with a 302 redirect. All of the traffic is redirected to us with the original path from their site, resulting in 404…
Eran Galperin
  • 629
  • 1
  • 5
  • 8
2 votes, 2 answers

Rejecting traffic where ACCEPT header is empty on favicon.ico requests

As part of filtering out potentially harmful traffic, I currently reject traffic where $_SERVER["HTTP_ACCEPT"] is empty. I notice from my logs that a fair number of requests have been rejected due to the accept header being empty and some of them come…
mseifert
  • 359
  • 1
  • 4
  • 12
2 votes, 1 answer

What is the purpose of filtering egressing traffic (CSF)?

For a while now I am using CSF as main firewall with LFD, and OSSEC as main IDS. (I like OSSEC over the overreacting builtin IDS of CSF). I tested it for small DoS attacks such as slowloris variants and synfloods. Works fine. Apache is running with…
BTZ
  • 23
  • 4
2 votes, 1 answer

Linux income filtering based on private destination IP address

I am trying to set up a QoS script in my OpenWRT box so that traffic coming from the Internet is classified into a low prio and a high prio class. The criteria to classify traffic is its destination IP address within my home network, i.e. a private…
Dani Camps
  • 301
  • 6
  • 11
2 votes, 2 answers

What is 17.10.13.204 (Apple?) doing that's always blocked as port-scanning traffic?

I've just recently noticed an IP address that has been showing up in our SonicWall logs on a pretty frequent basis. Throughout the course of an average day, we'll see around 100 dropped packets originating from 17.10.13.204, which is in a block of…
walkeran
  • 356
  • 1
  • 5
2 votes, 2 answers

Cisco ASA not forwarding traffic from one interface to another

I am needing help in the configuration process of my Cisco ASA 5510. I have set up 4 Cisco ASA interconnected together via a big LAN. Each Cisco ASA has 3 or 4 LANs attached to them. The IP routing part is taken care of by OSPF. My problem is on…
Antoine Benkemoun
  • 7,314
  • 3
  • 41
  • 60
1 vote, 1 answer

haproxy http check with a backup server shows 503 at main server down

I have been trying to setup a forward with haproxy. listen POC-2019-02-03 bind 0.0.0.0:8083 timeout connect 14000 timeout client 180000 timeout server 180000 mode http option forwardfor http-request set-header…
Fahad Ahammed
  • 113
  • 1
  • 7
1 vote, 1 answer

traffic shaping using ifb redirect

I would like to use ifb to perform some shaping for multiple virtual interfaces. However, I am not sure how to tell the ifb interface to egress to a dedicated egress interface. Right now vnet0 -> mirrer action mirror -> ifb0. I would like to…
user2066671
  • 115
  • 2
  • 10
1 vote, 3 answers

Unexpected ports open (traffic filtering?)

Discovered this when securing my VPS. No matter which host I scan with nmap, I always get these 2 ports open: 1863/tcp open unknown 5190/tcp open aol What could be the reasons for this? EDIT: I'm performing a simple nmap host.name scan on servers…
yanchenko
  • 259
  • 1
  • 6
  • 13
1 vote, 2 answers

plesk + high POP3/IMAP traffic, how to check details?

Please check this image, it's a screenshot from plesk 10 of one domain's mail traffic: This domain has about 1GB POP3/IMAP (OUT) traffic each day. I know that this is not normal because I know the owner and how he's using his mail. It's just some…
Danzzz
  • 55
  • 1
  • 5
1 vote, 5 answers

Barring connections if VPN is down

I have a VPN account and use it for sensitive communication. However the VPN connection sometimes is dropped while my main connection to the internet is still alive. The pages I visit through VPN are on HTTP (not secure) and have javascript code…
Majid Fouladpour
  • 269
  • 4
  • 19