All Questions
Tagged with iptables networking
659
questions
0
votes
1
answer
24
views
How to match the --out-interface to the same --in-interface in iptables
The system has multiple interfaces: eth0, eth1, eth2, ... br0, br1, br2, ...etc.
The following rule will allow packets from "br0" to "br0":
iptables -A FORWARD -i br0 -o br0 -j ...
0
votes
0
answers
11
views
Forwarding https traffic from openvpn to internal server which has internet access
I am trying to achieve the following behaviour
Client <--> openvpn at 1194 <--> internal server at port 8080 <--> internet
I used iptables prerouting route on nat with DPORT 80 and ...
0
votes
2
answers
111
views
Port forwarding port 22 (for ssh) over JioFiber Router not working (port 22 is closed)
I am using a JioFiber Router (Firmware version: SRCMTF1_JCOW414_R2.52.1). The host that I want to expose to the internet has Ubuntu Server 24.04.
Private IPs :
Router ...
0
votes
0
answers
15
views
Shared connection unable to block ports
I am in need to test our connectivity of our device (specifically, how our device responds when unable to reach certain ports).
So I am trying to control the ports, by sharing the internet connection ...
0
votes
0
answers
21
views
Route between two network interfaces (one with VPN, the other one served DHCP addresses)
I tried to find an answer to my question, but I've not found anything...If this has been asked and answered I'll be happy with a pointer.
I have a server running Ubuntu 23.10 with two network ...
0
votes
0
answers
33
views
iptable-save command not showing any output
When I run the iptables-save command on Ubuntu 22.04.3 LTS and Ubuntu 20.04.4 LTS, it does not show the default firewall chain rules. When I run this on other Linux distributions, for example CentOS or Red Hat, I am able to see ...
0
votes
0
answers
30
views
Openvpn service running, not connecting to tunnel after changing iptables
I'm trying to make a kill switch for my pi to only allow traffic through the VPN. I made the changes below to iptables and disabled IPv6 in sysctl.conf. This is not my area of expertise so I'm hoping ...
0
votes
0
answers
16
views
Dual nic server with open client http port unreachable
I am setting up a PoE switch connected to my Ubuntu Server 20.04. I am running an AMD 5700 with some generic parts in a mini PC that is being used as an NVR. I have an internet-facing NIC, eno1, where ...
1
vote
0
answers
41
views
Unable to connect via port knocking
I am trying to set up port knocking on my server to enhance security. I've configured my firewall rules to use port knocking, where I have to connect to specific ports in a specific sequence before ...
0
votes
1
answer
80
views
ufw won't put custom rule in the correct place at reboot
My general issue is that I lose contact with my Ubuntu 23.10 on ssh once I close my ports using knockd. I would like for it to maintain existing connections.
I have a custom rule
> iptables -I ...
0
votes
0
answers
35
views
How to enable communication between 'software' netplan configured vlans
I have searched far and wide, so if it looks like I have no idea what I'm doing, that is because it is a correct assumption. Usually we do this ourselves with our MikroTik router setup. We have a ...
1
vote
0
answers
135
views
Clients got IP-addresses from DHCP but can't reach Internet
I'm trying to build a home router from a device with two Ethernet ports (enp2s0 and enp3s0) and WiFi (wlo2), based on Ubuntu Server 22.
Everything is set, clients can connect via wifi to the router (it's ...
0
votes
2
answers
1k
views
Route traffic on different ports through different network interfaces
My situation is this: I’m setting up a server running at home (Ubuntu Desktop 22.04.3 LTS) to run an email server and a few other online services. As we all know, for my email to work reliably and not ...
0
votes
0
answers
128
views
Still getting [UFW BLOCK], which rules apply?
I still get a message UFW BLOCKED:
Dec 22 05:12:41 ge-domoticz kernel: [5324365.003868] [UFW BLOCK] IN=eth0 OUT= MAC=b8:27:eb:a1:7b:8b:38:1f:8d:e9:e4:9f:08:00:45:00:00:28:92:8c:00:00:ff:06:2f:d4 SRC=...
0
votes
1
answer
257
views
Port Forward for LAN
I bought a server and have Ubuntu 22.04 installed.
When I run various Github projects like Text Generation Webui, Automatic1111 Stable Diffusion, etc., how do I forward the port to access it from my ...
0
votes
0
answers
348
views
Ubuntu 22.04 iptables command not working
I posted this same question in another SE forum, later felt this forum is more appropriate considering the Linux Distro I am dealing with.
Totally new to netfilter thing, currently am running an ...
0
votes
0
answers
100
views
How to simulate a NAT network in Ubuntu host with iptables and iproute2?
I want to simulate NAT network mode of virtual machines without using any vm-specific tools. The detailed goals are the following:
The VMs have internal network IP 10.8.20.0/24
The physical nic eno1 ...
0
votes
0
answers
30
views
I'm attempting to execute a Flask test file, but when attempting to access it through the browser, an error stating that the site cannot be reached
I have tried creating an inbound rule in my firewall to allow port <5000> but it's still showing site cannot be reached.
I have also tried to check UFW (Uncomplicated Firewall) with this command
'...
0
votes
0
answers
89
views
nslookup works but network no
System information:
ubuntu server CLI only 22.04.3 LTS.
Kernel 5.15.0-88-generic
I'm using zerotier network to connect to my server. Everything worked fine and then maybe I changed something, maybe no,...
0
votes
0
answers
286
views
Setting up a reverse proxy on home lab
I'm very new to Linux and bash. I'm working on a homelab (machine a) project.
My ultimate goal is to set up Nginx on my server and connect externally (machine c) to Docker apps File Browser, possibly ...
4
votes
1
answer
955
views
I can't connect to Ubuntu server from local network, but can from outside
This is a weird one that has been driving me crazy for a while. I just can't work it out.
I'm running Ubuntu 22.04 (with all latest patches) on a Dell PowerEdge-r710 server. It's hosting a variety of ...
0
votes
1
answer
664
views
Ubuntu Router configuration with UFW
Going down the ubuntu 20.04 server route and using UFW.
Steps so far (from a clean install)
Network Layout attached
networking configured with netplan - YAML file below - question here is do I need ...
1
vote
1
answer
156
views
BIND9 on Ubuntu 20 - Cannot configure Zone to work properly
I installed it on Ubuntu 20 and configured two zones
Options config file
acl internal {
localhost;
localnets;
192.168.70.0/24;
10.200.157.0/24;
};
options {
...
0
votes
0
answers
170
views
Restrict access to Docker container port to IP addresses
There are several Docker containers on my server, exposing ports. Now I try to restrict the access to the ports to IP addresses being able to insert rules without allowing the policy. I apply IP-Tables ...
0
votes
0
answers
342
views
Use TPROXY feature of iptables with Ubuntu 22.04
I'm trying to use the TPROXY feature of iptables.
For example :
iptables -A PREROUTING -t mangle -p tcp -i eth0 -j TPROXY --on-port 5000 --tproxy-mark 1
This feature works perfectly on Ubuntu 16.04 (...
0
votes
1
answer
358
views
Iptables TCP NEW state vs TCP flags in Ubuntu 22.04
I would like to double check what is the behaviour of NEW state in TCP connections in iptables (Ubuntu 22.04).
Does it only accept SYN=1 and ACK=0/FIN=0/RST=0 in tcp flags?
More detailed example - let'...
0
votes
0
answers
73
views
Automatically created iptables rules created by Docker seem strange
Here are the rules that I don't understand (those are created automatically by docker on my ubuntu machine):
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
So ...
0
votes
0
answers
103
views
Simulate an NVA Appliance in Azure that forwards traffic with an Ubuntu VM
In Azure, I have 3 VirtualNetworks, A, B and C. A and B are peered to C.
I have an Ubuntu VM in all 3 of them.
I would like to have the VMs in VirtualNetworks A and B, be able to talk to one another ...
0
votes
1
answer
146
views
Port Forwarding to another machine Rust gameserver
I need to forward UDP port 28015 of my local machine to another machine with port UDP 28021. Rust Game Server. (Redirect incoming traffic on a specific port to a different IP address with altern port)
...
0
votes
0
answers
54
views
Port Forwarding to vboxnet0 with saving client's real IP
I set up the internet on a virtual machine that is running through VirtualBox and set up port forwarding. First, in rt_tables of Host Machine (iproutes2) I added this:
100 vm0
Then I run this:
ip ...
1
vote
1
answer
128
views
Unable to establish network route
I am struggling to establish a network route from my laptop to another device. I will admit that my networking background is lacking, so sorry for the ignorance. I have the following setup:
[Device-A] ...
1
vote
0
answers
608
views
wireguard + ufw = unable to limit access to specific port
So I'm trying to limit access to port 5432 (postgres) by using ufw and unable to do so. The connection is allowed still
sudo ufw deny 5432/tcp
sudo ufw route deny in on wg0 from 10.0.10.2
root@vpn-...
0
votes
0
answers
701
views
Connection via SSH works once or twice then never again for that client
I have recently set up a Ubuntu Server minimized. I initially used the server through an SSH with client1 but after one use I kept getting Connection Timed Out when attempting to ssh from client1. I ...
0
votes
0
answers
143
views
iptables & ip_forward issue
I am having a very annoying issue and I don't know what's wrong. I also feel like I am very close to having it working, so there must be something obvious I'm doing wrong.
I am trying to connect to my ...
0
votes
0
answers
311
views
Issues setting up wireguard on an Ubuntu 22 machine
It's the first time I'm trying to set up a wireguard server on a Ubuntu 22 machine and I don't understand what exactly am I doing wrong. I'm using https://github.com/angristan/wireguard-install as an ...
0
votes
0
answers
314
views
What is the best way to separate routing tables in Ubuntu?
I'm building a lab environment with multiple routing devices and 2 Ubuntu machines as clients (22.04.2). The Ubuntu machines need to act as 8 independent clients (from networking point of view) ...
0
votes
0
answers
102
views
Should I block all ping requests?
My intention is to seek protection, no need to be a server, so I want to avoid all kinds of SSDP. I've found some code and need to know if it's enough or too much:
iptables -I INPUT 1 -p icmp -j ...
0
votes
0
answers
352
views
PBR routing doesn't work on Ubuntu 22.04 Server
I'm attempting to configure my server, but it's proving to be impossible. Thus, you are my last hope!
To provide some context, my virtual server (Ubuntu 22.04 server TLS) has 3 network devices ...
1
vote
0
answers
910
views
How to allow SSH only from WireGuard and one IP
This is a production server and I need to add rules very carefully; I'm not sure what the correct rule is.
Currently my UFW rules allow SSH connection from any IP and from WireGuard, also my own IP (YYY.YYY....
0
votes
0
answers
54
views
Is it possible to connect a WiFi route to some server and forward every connection to that server?
I'm facing some package loss issues I'm having in my home-network. I'm looking at some log entries and some game reports I've detected, a somewhat strange IP route added, and a snort made me some ...
0
votes
0
answers
100
views
UFW on Ubuntu virtual router not blocking correct traffic
I have a virtual router running on Ubuntu Server 22.04. The virtual router has two ethernet interfaces enp1s0 and enp2s0. The interface enp1s0 is connected to the external network and the interface ...
0
votes
0
answers
301
views
Difference between IPTABLES RAW PREROUTING and MANGLE PREROUTING
I'm looking for configs to prevent DDoS attacks and UPnP Flood, since I've started to create rules, every advice was to add rules to filter table, but it takes too much CPU process, so started to ...
1
vote
0
answers
123
views
iptables show ACCEPT but connection got refused
I have a Django application accessible at port 8080. My current iptables is set
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy DROP)
...
0
votes
0
answers
1k
views
Port Forwarding in Ubuntu Server 22.04 not working for me
I am fairly new to ubuntu and need help. I am running ubuntu server on my vps and home server. They are connected via Wireguard and I would like to forward the port 25565/tcp,udp to my home server. I ...
0
votes
1
answer
156
views
Unable to remote access the web server running on Ubuntu machine
I'm unable to remote access nginx server or express server or any server running on Ubuntu in the same network
I tried every solution found on Google and ChatGPT, but no benefit
I'm able to ssh on Ubuntu ...
0
votes
0
answers
157
views
Block IPv6 Traffic using iptables on Linux using Layer 2 info [bad substitution/argument]
I'm trying to block IPv6 traffic on my router's end following the tutorial here by Claudius's suggestion, with the following command:
ip6tables -I FORWARD -d ${IP(Node1)} -j REJECT
But I'm getting ...
0
votes
0
answers
530
views
Share two network interfaces on linux
I have a Linux PC (ubuntu 22.04) with a network layout as below:
Internet <-> Router <-> PC <-> edge device <-> Switch <-> APs <-> devices
And with two Lan ...
0
votes
0
answers
1k
views
UFW allow rule with destination and port
Setting up UFW firewall on Ubuntu I wish to allow connections on port 22 from my local network only. I use next command:
ufw allow from 192.168.1.0/24 to any port 22
For me is unclear in the part &...
0
votes
1
answer
964
views
UFW - Port is reachable for everyone although only certain IP's are opened
I run an Ubuntu 22.04 server on a VPS with a current version of UFW.
Further, I run a Docker instance with Firefox - https://hub.docker.com/r/jlesage/firefox
The port is routed to 5800 to access this ...
1
vote
0
answers
107
views
How can I set a data traffic limit per user? (based on uid/gid)
I need to set a traffic limit for each user, which should be based on the username or group name. I have already tried nethogs software and some similar programs, but they limit the bandwidth. In ...