Questions tagged [firewall]
a technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts
526 questions with no upvoted or accepted answers
10 votes, 0 answers, 1k views
NetHogs showing suspicious (outgoing) traffic to random ports from root on Ubuntu 16.04
Using NetHogs on an Ubuntu 16.04 (web) server, i.e. on a machine where no consumer applications or web browsers are installed, besides traffic that is to be expected (HTTP and SSH)
PID USER ...
9 votes, 1 answer, 4k views
Using UFW with ipsets
I am running Ubuntu 14.04 on a VPS for business purposes. The firewall is set up using ufw; testing reveals that it's working well. I'd like to further secure my server using techniques described ...
5 votes, 1 answer, 209 views
Accessing a LAMP webserver that's behind an Ubuntu VM acting as a firewall
I currently have two VMs set up in the following manner:
/-----------------------\
/-----------------\ | Ubuntu VM | /---------------\
...
4 votes, 0 answers, 670 views
UFW status is getting problem running iptables
I want to use UFW (version 0.36) but I get this error when running ufw status:
ERROR: problem running iptables: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?...
4 votes, 0 answers, 2k views
Completely disable IPTables
I have been playing around with switching to nftables (purely as a learning exercise). I have it all working perfectly except for the fact I have to manually unload iptable_nat from the kernel after a ...
4 votes, 0 answers, 14k views
Can't access port from outside
So I just served up some directory using python SimpleHTTPServer and I'm unable to access port from another machine on the same network. It works fine locally, with localhost:port as well as ip:port ...
4 votes, 0 answers, 7k views
Does Ubuntu now use bpfilter or netfilter?
I'm trying to put together a firewall/router using netinstall of Ubuntu 18.10 with bpfilter. I know it's packaged by default with kernel >=4.18 these days, but I'm a little confused about how to ...
4 votes, 0 answers, 899 views
UFW Blocking Legitimate Traffic
I am currently getting this kind of message in the UFW and sys logs:
xxx kernel: [4962636.572484] [UFW BLOCK] IN=et0 OUT= MAC= SRC=xxx.xxx.xxx.xxx DST=xxx.xxx.xxx.xxx LEN=52 TOS=0x00 PREC=0x00 TTL=52 ...
4 votes, 0 answers, 531 views
Vagrant NFS folders + Firewall rules
I am trying to configure the firewall -via the GUI tool- on 14.04 by adding rules to allow NFS folder sharing with my vagrant box. However this only works when the firewall is disabled as on vagrant ...
4 votes, 1 answer, 61 views
Is there an interactive firewall extension available for Ubuntu?
Every time something on my computer tries to contact an external host or an external host tries to contact my computer I would like to be asked if I authorize this and if I would like to create a rule ...
4 votes, 2 answers, 7k views
apache2 on ubuntu 14 - localhost works but ip doesn't
I've just installed apache2 on my box, along with php5.
I can navigate to "localhost" and it works. But I can't access this webserver from another machine... or even locally using the IP ...
4 votes, 0 answers, 364 views
How do I find which OS layer (iptables, rp_filter, etc) is dropping a packet?
Let's say that I'm running a ping towards a machine and I see from tcpdump that the icmp echo reply is being received at the ethernet port but the ping program is not getting it.
So I know that ...
4 votes, 2 answers, 1k views
Ubuntu 20.04 Server UFW does not activate automatically
Lately, I've noticed that UFW is inactive until I activate it manually.
I've run ufw enable multiple times, checked that ufw.service is active, but it still does not start on boot.
Output of systemctl ...
3 votes, 3 answers, 316 views
Having issues locking down public server with iptables
I'm rather new to Ubuntu. I'm trying to lock it down to where I have complete access to it from my ip address and everyone else only has access to port 80 and 443.
To better understand it, I put my ...
3 votes, 0 answers, 2k views
Ikev2 Strongswan vpn: UFW doesn't route internet traffic
I installed a strongswan ikev2 vpn many times on Ubuntu without problems. But now on a freshly installed Ubuntu server I can't get it to run.
Connecting to the vpn does work but I can't get an internet ...
3 votes, 0 answers, 460 views
Why is my port not open? Ubuntu 18.04
I have an NGINX server running on my local network which, as a test, just returns the word "holding". But, I cannot access it from any other PC on the network even though it looks like it is ...
3 votes, 0 answers, 185 views
Webpage can not get access from the world!
I have installed a fresh Apache with a fresh Ubuntu server. I did not make any changes to my server yet. The default Apache website is visible from other PCs inside the private network.
The ports 80 ...
3 votes, 0 answers, 2k views
Who is blocking my Docker default network?
The situation is, for a simple docker command:
docker run -d -p 3128:3128 my_squid_container
it works fine within my home. However, when using the same Docker container in the Azure Ubuntu server, I ...
3 votes, 0 answers, 43 views
a More Active(prompting) GUFW
Excuse me Please:
I am currently in the process of installing/configuring Ubuntu 16.x, and will be installing GUFW.
I would prefer to avoid passive applications, and would that the "firewall" ...
3 votes, 0 answers, 5k views
Getting Error trying to install ufw on a freshly installed ubuntu 16.04
On a fresh Ubuntu 16.04 LTS install after installing nginx, php, mysql I was trying to install ufw.
First, when I tried to allow Port 22/OpenSSH I came across an iptables error.
ERROR: initcaps
[...
3 votes, 0 answers, 924 views
Iptables Rules for Ubuntu 16.04 based Firewall
I am trying to set iptables rules in my server to use it as Ubuntu 16.04 based Firewall. I have fair knowledge in Ubuntu. I did some search in Ubuntu help site and in Askubuntu. I came up with the ...
3 votes, 0 answers, 349 views
Ubuntu server periodically unreachable
I have an Ubuntu Server 14.04 server running. The server has two NICs and acts as a NAT router, with the help of shorewall. Shorewall also acts as a plain firewall for blocking ports that I don't want ...
3 votes, 0 answers, 1k views
UFW is DENY/DENY, but PACKETS are still getting out of my ethernet device. Why is this?
Hello,
I have a question. I would like to use the UFW Ubuntu Firewall to lock both Input and Output completely from the server to ensure no packets are sent initially as a baseline.
I enabled UFW, ...
3 votes, 0 answers, 2k views
SSH connections rejected after UFW allow 22
I am trying to set up UFW on a 12.04 server.
SSH works great with UFW off.
Setting
root@ugvps:~# ufw enable
Firewall is active and enabled on system startup
root@ugvps:~# ufw status
Status: active
...
3 votes, 1 answer, 336 views
Failed network lookup
I'm running Kubuntu 12.10. I am having three networking problems that I think might actually have a common cause, even though they are in apparently unrelated areas. I had them in 12.04 also:
When ...
3 votes, 1 answer, 2k views
How can I block a range of IPv6 addresses?
Are there any IP blocking applications or firewalls that support IPv6?
The ones I know about (pgld, moblock (sunset?), nfblock, iplist (looks old)) are only for IPv4.
2 votes, 0 answers, 113 views
External HTTPS succeed, internal HTTPS requests timeout on home server
I am running Ubuntu Server 22.04.3. I am using it to serve an API built on Flask, which goes through Gunicorn and NGINX to hit the outside world. The server works as expected for requests served over ...
2 votes, 0 answers, 198 views
iptables firewall rules for INPUT while Tor traffic on lubuntu 22.04 LTS
I do have lubuntu 22.04 LTS and TOR daemon with the torrc config
VirtualAddrNetwork 10.192.0.0/10
AutomapHostsOnResolve 1
TransPort 9040
DNSPort 9053
and iptables rules
#exclude locals
TOR_EXCLUDE=&...
2 votes, 1 answer, 403 views
UFW - Default Deny Incoming does not block telnet
I have an Ubuntu 22.04 LTS Server set up on a VM. I have ufw enabled with default deny incoming policy.
The result of sudo ufw status verbose is:
Status: active
Logging: on (low)
Default: deny (incoming)...
2 votes, 2 answers, 558 views
Unexpected entries in firewall log (ufw)
Background
I recently installed Ubuntu 22.04 LTS desktop. I left all the default settings untouched during installation, and additionally installed google-chrome and VLC.
The machine is behind a ...
2 votes, 1 answer, 2k views
Ubuntu 22.04 UFW NAT problems
I've done an in-place upgrade from Ubuntu 20.04 to 22.04 and I've found that NAT no longer functions on this firewall box. Before the upgrade, the private network could reach the Internet just fine. I'...
2 votes, 0 answers, 2k views
Open server port 80 and redirect to container IP
I'm not a heavy user of unix based systems. And I have some trouble opening a server's port (80) to the public and redirect it to a running container.
So basically, I have a running container on a ...
2 votes, 0 answers, 1k views
ufw block error seen in journalctl -xe command
I'm a newbie in networking and system security. I am trying to create an openconnect server whose tutorial is found in this link. I have also seen the similar issues like this one, but they don't make ...
2 votes, 1 answer, 693 views
Show UFW comment in IPTABLES
I started to use ufw for easier maintenance.
For my telegraf plugin the iptables entry needs to have a comment added with -m comment --comment "myComment".
UFW does have a comment feature, ...
2 votes, 0 answers, 815 views
I can't access port externally. What can I do?
(Ubuntu 20.04)
I have ufw disabled, and I can't seem to access my game server externally with the public IP and port (1848). I can however, connect locally, just not externally.
When I run: netstat -...
2 votes, 0 answers, 1k views
UFW enable freezes current SSH session port 22 open
Working on a VPN killswitch and playing with UFW. I'm experiencing a putty SSH session freeze when enabling UFW. Port 22 is open and it only freezes the session where the UFW enable command was sent ...
2 votes, 0 answers, 158 views
ZMQ ZAP connection problem in ubuntu server 18.04
I'm using python and ZMQ to publish and subscribe data through a TCP network connection. I tried to connect in normal mode (without ZAP) and ZAP mode which is an authentication protocol.
I've tried it ...
2 votes, 0 answers, 3k views
Can't ping with UFW enabled
I am having an issue with UFW on Ubuntu 20.04. I am running a Nextcloud server on this machine, and my default is to deny incoming and outgoing, except for port 443 which works fine. This is causing ...
2 votes, 0 answers, 131 views
block flow with iptables
To block packets containing some string we use the following iptables rule:
iptables -I FORWARD 1 -p tcp --dport 80 -m string --string anypattern --algo bm -j DROP
This will block the packet ...
2 votes, 1 answer, 3k views
systemd-resolved iptables rules
Before systemd-resolved my iptables rules for DNS were
DNS_SERVER="8.8.8.8 8.8.4.4"
echo "Set default INPUT policy to 'DROP'"
$IPT -P INPUT DROP
for ip in $DNS_SERVER
do
echo "Allowing DNS ...
2 votes, 0 answers, 2k views
UFW rules allow traffic, but iptable blocks it
I've just learned that my default Ubuntu 18.04 VM comes with UFW. According to the Ubuntu Wiki, UFW:
is a frontend for iptables and is particularly well-suited for host-based firewalls.
Upon ...
2 votes, 0 answers, 4k views
Are UFW IP groups possible?
I have a giant list of IP addresses I need to manage incoming access for. They are also constantly changing.
Is there a way to create a group of IP addresses/ranges for a firewall rule?
That way, ...
2 votes, 1 answer, 185 views
ssh connection times out
I have 2 Ubuntu servers that I access via their IP addresses, which are named bris (running Ubuntu 14.04) and syd (running Ubuntu 18.04).
When trying to connect from syd to bris I get:
root@prod:~# ...
2 votes, 1 answer, 1k views
Split network traffic between two nic depending on app?
I'm running a transmission daemon. I'd like only its torrent traffic to only go through eth0 while its RPC traffic, and all other network traffic, to only go through eth1.
I think I can configure ...
2 votes, 0 answers, 843 views
How do I use a Whitelist approach for some files with App Armor?
I'm pretty new to using AppArmor and am unaware of all its features. I was wondering if it is possible to apply Whitelisting behavior to some files with App Armor?
I think whitelisting and ...
2 votes, 0 answers, 919 views
Allowed port 22 with UFW and installed SSHguard but can't SSH
I've installed a new Ubuntu 16.04 with SSHguard (apt-get install sshguard), and then enabled UFW:
sudo ufw enable
I then allowed some ports:
sudo ufw allow 22,25,80,443,9000/tcp
Yet I can't login ...
2 votes, 1 answer, 2k views
Adding multiple condition for iptables rules
I'm trying to use iptables with modbus as a firewall. Is it possible to implement the two rules below as one line of rule?
sudo iptables -A INPUT -p tcp --dport 4031 -m u32 ! --u32 "0>>22&...
2 votes, 0 answers, 1k views
Forward FTP to another Server
I am trying to forward all incoming FTP Connections at Server A to another Server B. I tried this using iptables and am able to connect in first step. The problem is that after entering the passive ...
2 votes, 1 answer, 2k views
Client gets LAN ip but no internet
I've stumbled upon a rather specific problem and I do not have the knowledge to solve it on my own. I've set up an Ubuntu server (16.04.2) which will act as a router. Until now I've configured two ...
2 votes, 0 answers, 836 views
Requests from external network fail, though initial packets reach server
I have an Ubuntu 16.04.1 LTS server that serves pages just fine to anything on the same network, but fails to respond to requests coming from outside.
Packets appear to reach the server OK (so I don'...