Questions tagged [traffic-filtering]

Traffic filtering allows a device to apply security restrictions to network traffic. Filtering can be done on many levels but the most common are TCP, UDP and IP filtering.

41 questions
1
vote
3 answers

Cisco IOS router MAC or IP address filtering

I'm trying to filter a specific device from my network. Either MAC or IP address filtering would do the trick, but I have trouble finding the exact Cisco IOS commands to use. My router is a Cisco 870 and the device is connected through wifi (if that…
SaltyNuts
1
vote
0 answers

shape voice linux traffic using tc

How to set up a traffic control policy so voice traffic has maximum bandwidth of a specific interface? I tried tc qdisc add dev $WIFI handle 1: root tbf rate 10mbit burst 32kbit latency 10ms but how to determine that this bandwidth will adjusted…
1
vote
3 answers

Weird TCP/IP behavior on Linux server as well as enterprise Firewall on port 21

This is a tricky one. TL;DR: 1) Client establishes TCP handshake with the firewall on (closed/unavailable) port 21, even though firewall does not respond to client's SYN packet. 2) Client sends 1 SYN packet (no retransmit), firewall sees 3 SYN …
PoJam
0
votes
1 answer

Filter/Analyze virtual machine traffic on another physical machine

Consider a host machine running multiple virtual machines. Hypervisor is most likely KVM with libvirt. The host machine should be connected to some firewall or switch for filtering/analyzing traffic. Is there some way to set up the host or VMs so…
0
votes
1 answer

Filter traffic from IPv4 to IPv6 and vice versa

I've tried to filter (using nftables, but I'm open for a change if it works using iptables) traffic coming from an IPv4 network to an IPv6 network, but can't figure out how to do it. Suppose I have a file with this rule: table inet filter { …
Nisse
0
votes
2 answers

How to make an IP Address Connecting to your DNS Server use another DNS Server with Conditions

As you can see, the Title is quite a mouthful but I don't exactly know what to call it but what it is.. PC1 (External):PC2 (Local): IP: 41.1.2.3 DNS: 168.5.5.5 IP: 41.4.4.5 DNS: 168.5.5.5 Restricted DNS: IP: 168.5.5.5 Unrestricted DNS: IP:…
0
votes
1 answer

Send received mirrored traffic using iptables to docker application?

I have a setup that receives mirrored traffic from many IP addresses on my network card (eth0). I wanted to send the received packets destined to a particular IP address(say 8.8.8.8) to a docker container running on the same host (say with IP…
0
votes
1 answer

filter with iptables incoming traffic from VPN

I have set up a VPN to a private service provider via OpenVPN. This setup is using the VPN as default gateway. It all works fine but when I try to apply some basic iptables rules to filter traffic in and out the tunnel, I don't seem to be able to…
user3018558
0
votes
1 answer

How to allow data quotas using nDPI netfiltering

I am trying to allow a certain data quota for a user using nDPI netfiltering. This is the command I used for checking it. iptables -A INPUT -m ndpi --quota 2048 -j DROP Result is iptables v1.6.0: unknown option "--quota" As I read in this manual…
0
votes
2 answers

Inspecting TLS/SSL passing in/out of a network without specialised device?

At the moment I'm managing a small home office setup - a few PCs and a soft open source x86 *nix based router. I'd like to move traffic scanning / inspection onto an edge device. The motive is to increase the barrier for undetected malware and…
Stilez
0
votes
1 answer

How to filter request using IP restrictions OR a filtering rule

We have an IIS site right now that has an allow list for a specific list of IP addresses, and all other IPs denied by default. We want to add another rule, that states that if the request coming in as a user-agent of a specific value, then allow it,…
M.R.
0
votes
1 answer

Spam Traffic, DDOS Attack & Server Crashing

I am running phpfox application in my server under my main domain name fetlock.com and I am getting large amount of spam and also suffering from DDOS attacks from multiple IP addresses. My server hardly stands for 20 hours and Apache stops…
Kars
0
votes
0 answers

Trouble using net_cls control group in tandem with tc for packet filtering

I'm having some trouble limiting network bandwidth using the net_cls control group in conjunction with the linux traffic controller (tc). I think I might just be confused about how I'm writing the filter rules. I figured the easiest way to manage…
Rooster
0
votes
1 answer

Managed switches and WFilter

We are looking to use WFilter to monitor workstation traffic, it looks like we need a router or switch that does port mirroring, now would that mean we need a managed switch? And if so, would all the switches we use in the building need to be…
thegaffney
0
votes
1 answer

Security risks of allowing incoming traffic as a response of a previous request

I understand that somebody would want to block incoming traffic as a general rule except for public resources. And I also understand that you could want to block all outgoing traffic except for certain external services. But is there any serious…
elitalon