Questions tagged [iptables]
Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel.
1,309
questions
0
votes
1
answer
19
views
How to match the --out-interface to the same --in-interface in iptables
The system have multiple interfaces: eth0, eth1, eth2, ... br0, br1, br2, ...etc.
The following rule will allow packets from "br0" to "br0":
iptables -A FORWARD -i br0 -o br0 -j ...
- 393
0
votes
0
answers
11
views
Forwarding https traffic from openvpn to internal server which has internet access
I am trying to achieve the following behaviour
Client <--> openvpn at 1194 <--> internal server at port 8080 <--> internet
I used iptables prerouting route on nat with DPORT 80 and ...
- 1
-2
votes
0
answers
35
views
Modules disappear after reboot
Dear friends something really strange is happening in my system. The ip_tables module did not seem to be installed so I proceeded to reinstall the kernel and all modules:
sudo apt-get install linux-...
- 97
0
votes
2
answers
111
views
Portforwarding Port 22 ( for ssh ) over JioFiber Router not working ( port 22 is closed )
I am using a JioFiber Router ( Firmware version : SRCMTF1_JCOW414_R2.52.1 ) . The host that I want to expose to the internet has Ubuntu Server 24.04.
Private IPs :
Router ...
0
votes
0
answers
57
views
UFW not logging [UFW BLOCK] events when default is to allow incoming connections
I'm trying to get a message logged to /var/log/ufw.log when blocking packets. It's all working very well, until I change the default behaviour for incoming connections.
I use ufw default allow ...
0
votes
0
answers
15
views
Shared connection unable to block ports
I am in need to test our connectivity of our device (specifically, how our device responds when unable to reach certain ports).
So I am trying to control the ports, by sharing the internet connection ...
- 161
0
votes
0
answers
21
views
Route between two network interfaces (one with VPN, the other one served DHCP addresses)
I tried to find an answer to my question, but I've not found anything...If this has been asked and answered I'll be happy with a pointer.
I have a server running Ubuntu 23.10 with two network ...
- 1
0
votes
0
answers
33
views
iptable-save command not showing any output
When i run iptables-save command on Ubuntu Ubuntu 22.04.3 LTS and Ubuntu 20.04.4 LTS it not showing default firewall chain rules when i run this other linux example centos or redhat i am able to see ...
0
votes
0
answers
42
views
iptables: symbol lookup error: iptables: undefined symbol: xtables_announce_chain
ubuntu20.04
When I running iptables -V, I encountered
iptables: symbol lookup error: iptables: undefined symbol: xtables_announce_chain
How to fix it?
Thank you
- 1
0
votes
0
answers
30
views
Openvpn service running, not connecting to tunnel after changing iptables
I'm trying to make a kill switch for my pi to only allow traffic through the VPN. I made the changes below to iptables and disabled IPv6 in sysctl.conf. This is not my area of expertise so I'm hoping ...
- 1
0
votes
0
answers
16
views
Dual nic server with open client http port unreachable
I am setting up a poe switch connected to my ubuntu server 20.04. I am running an amd 5700 with some generic parts in a minipc that is being used as an nvr. I have a internet facing nic, eno1, where ...
0
votes
0
answers
56
views
XRDP stopped working
My Ubuntu Desktop 22.04.4 LTS lost its XRDP access and I'm unable to figure out how to solve it. XRDP service is running, no errors in XRDP logs.
netstat -an | grep "LISTEN " | grep ":...
0
votes
0
answers
30
views
Unable to route traffc from home lab to internet
Good afternoon. I am running several devices in my HomeLab network, and that network connects to my home network through my Raspberry Pi (<-- my first Pi and it works really well). Connectivity ...
- 1
1
vote
0
answers
41
views
Unable connect via port knocking
I am trying to set up port knocking on my server to enhance security. I've configured my firewall rules to use port knocking, where I have to connect to specific ports in a specific sequence before ...
- 11
0
votes
0
answers
27
views
Why tor need icmp in outbound iptables?
I'm trying to block everything in outbound except tor with iptables.
But without enabling icmp tor doesn't work, it's very strange since tor don't use icmp as my understanding.
That's what I'm using ...
0
votes
0
answers
304
views
Ubuntu 22.04 rsyslog "& stop" not stopping?
I want to log iptables messages in a separate log file, and not in /var/log/syslog.
I understand if you want to log something exclusively to a separate file, you make sure the syslog rules you want ...
- 1,126
0
votes
0
answers
111
views
Nginx configuration failure: iptables table does not exist
I tried to configure nginx on my Ubuntu system. During this process, I executed the command sudo ufw allow 'Nginx HTTP and I got an error:
WARN: initcaps
[Errno 2] iptables v1.8.7 (legacy): can't ...
0
votes
0
answers
3k
views
"System has not been booted with systemd as init system (PID 1). Can't operate. Failed to connect to bus: Host is down" not WSL
When I install docker and try to run it, sudo systemctl start docker, it says it can't run as the title says.(Not WSL)
So when I run it with the sudo service docker start command, it turns off again ...
0
votes
0
answers
292
views
Source address in iptables Masquerade/NAT
I'm trying to install OpenVpn on a remote Ubuntu 20 server and am following this tut. I'm able to step through it but cannot determine where this source address is in its example:
$ sudo iptables -t ...
- 101
0
votes
1
answer
80
views
ufw won't put custom rule in the correct place at reboot
My general issue is that I lose contact with my Ubuntu 23.10 on ssh once I close my ports using knockd. I would like for it to maintain existing connections.
I have a custom rule
> iptables -I ...
- 160
0
votes
0
answers
35
views
How to enable communication between 'software' netplan configured vlans
I have searched far and wide so I if it looks like I have no idea what i'm doing, that is because it is a correct assumpstion. Usually we do this ourselves with our MikroTik router setup. We have a ...
1
vote
1
answer
98
views
Permanent iptables redirect
I have an iptables command I run on Ubuntu 22.04.3 that forwards 443 to 8443. However I have to keep running it every reboot.
sudo iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-...
- 21
1
vote
0
answers
135
views
Clients got IP-addresses from DHCP but can't reach Internet
I'm trying to build home router from device with two ethernet ports (enp2s0 and enp3s0) and WiFI (wlo2), based on Ubuntu Server 22.
Everything is set, clients can connect via wifi to the router (it's ...
- 11
0
votes
2
answers
1k
views
Route traffic on different ports through different network interfaces
My situation is this: I’m setting up a server running at home (Ubuntu Desktop 22.04.3 LTS) to run an email server and a few other online services. As we all know, for my email to work reliably and not ...
- 45
0
votes
0
answers
47
views
Checking this network connection (port forwarding)
I have the below setup, I want to be be able to reach the device (192.168.2.180 eth) from my desktop (192.168.1.3 wifi) I have a linux server in the middle (192.168.1.111 WIFI), (192.168.2.22 Eth)
...
- 11
3
votes
3
answers
316
views
Having issues locking down public server with iptables
I'm rather new to Ubuntu. I'm trying to lock it down to where I have complete access to it from my ip address and everyone else only has access to port 80 and 443.
To better understand it, I put my ...
- 521
0
votes
0
answers
128
views
Still getting [UFW BLOCK], which rules apply?
I still get a message UFW BLOCKED:
Dec 22 05:12:41 ge-domoticz kernel: [5324365.003868] [UFW BLOCK] IN=eth0 OUT= MAC=b8:27:eb:a1:7b:8b:38:1f:8d:e9:e4:9f:08:00:45:00:00:28:92:8c:00:00:ff:06:2f:d4 SRC=...
0
votes
1
answer
257
views
Port Forward for LAN
I bought a server and have Ubuntu 22.04 installed.
When I run various Github projects like Text Generation Webui, Automatic1111 Stable Diffusion, etc., how do I forward the port to access it from my ...
- 103
0
votes
0
answers
300
views
Logging iptables Ubuntu 22.04
I used this configuration for my server:
iptables -F
iptables -A INPUT -j ACCEPT
iptables -A OUTPUT -j ACCEPT
iptables -A FORWARD -j ACCEPT
iptables -A INPUT -j LOG
iptables -A OUTPUT -j LOG
iptables -...
- 1
0
votes
0
answers
348
views
Ubuntu 22.04 iptables command not working
I posted this same question in another SE forum, later felt this forum is more appropriate considering the Linux Distro I am dealing with.
Totally new to netfilter thing, currently am running an ...
- 101
0
votes
0
answers
100
views
How to simulate a NAT network in Ubuntu host with iptables and iproute2?
I want to simulate NAT network mode of virtual machines without using any vm-specific tools. The detailed goals are the following:
The VMs have internal network IP 10.8.20.0/24
The physical nic eno1 ...
- 101
0
votes
0
answers
30
views
I'm attempting to execute a Flask test file, but when attempting to access it through the browser, an error stating that the site cannot be reached
I have tried creating an inbound rule in my firewall to allow port <5000> but its still showing site cannot be reached.
i have also tried to Check UFW (Uncomplicated Firewall) with this command
'...
- 1
0
votes
0
answers
89
views
nslookup works but network no
System information:
ubuntu server CLI only 22.04.3 LTS.
Kernel 5.15.0-88-generic
I'm using zerotier network to connect to my server. Everything worked fine and then maybe I changed something, maybe no,...
0
votes
0
answers
286
views
Setting up a reverse proxy on home lab
I'm very new to Linux and bash. I'm working on a homelab (machine a) project.
My ultimate goal is to set up Nginx on my server and connect externally (machine c) to Docker apps File Browser, possibly ...
- 1
4
votes
1
answer
954
views
I can't connect to Ubuntu server from local network, but can from outside
This is a weird one that has been driving me crazy for a while. I just can't work it out.
I'm running Ubuntu 22.04 (with all latest patches) on a Dell PowerEdge-r710 server. It's hosting a variety of ...
- 143
0
votes
1
answer
664
views
Ubuntu Router configuration with UFW
Going down the ubuntu 20.04 server route and using UFW.
Steps so far (from a clean install)
Network Layout attached
networking configured with netplan - YAML file below - question here is do I need ...
- 1
1
vote
1
answer
156
views
BIND9 on Ubuntu 20 - Cannot configure Zone to work properly
I installed it on Ubunto 20 and configured two zones
Options config file
acl internal {
localhost;
localnets;
192.168.70.0/24;
10.200.157.0/24;
};
options {
...
- 11
0
votes
0
answers
170
views
Restrict access to Docker container port to ip adresses
There are several docker containers on my server, exposing ports. Now I try to restrict the access to the ports to IP-Adresses being able to insert rules without allowing the policy. I apply IP-Tables ...
- 1
0
votes
0
answers
342
views
Use TPROXY feature of iptables with Ubuntu 22.04
I'm trying to use the TPROXY feature of iptables.
For example :
iptables -A PREROUTING -t mangle -p tcp -i eth0 -j TPROXY --on-port 5000 --tproxy-mark 1
This feature works perfectly on Ubuntu 16.04 (...
- 1
0
votes
1
answer
358
views
Iptables TCP NEW state vs TCP flags in Ubuntu 22.04
I would like to double check what is the behaviour of NEW state in TCP connections in iptables (Ubuntu 22.04).
Does it only accept SYN=1 and ACK=0/FIN=0/RST=0 in tcp flags?
More detailed example - let'...
- 113
0
votes
1
answer
1k
views
Ubuntu 22.04 as a router. 2 LAN (LAN with Internet + LAN with AP). AP network do not see IP addresses from first network
it's been a while when I setup similar config... that's why I'm a bit confused.
So I have box with Ubuntu 22.04 with two LAN cards. My network looks like that.
ROUTER [192.168.88.1/24]:
UBUNTU BOX [...
0
votes
0
answers
73
views
Automatically created iptables rules created by Docker seem strange
Here are the rules that I don't understand (those are created automatically by docker on my ubuntu machine):
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
So ...
0
votes
0
answers
287
views
UFW allow all IP from ASN
How to allow access to ubuntu with UFW firewall for all addresses belonging to one ICT provider with its ASN number (Is it possible?)?
0
votes
0
answers
103
views
Simulate an NVA Appliance in Azure that forwards traffic with an Ubuntu VM
In Azure, I have 3 VirtualNetworks, A, B and C. A and B are peered to C.
I have an Ubuntu VM in all 3 of them.
I would like to have the VMs in VirtualNetworks A and B, be able to talk to one another ...
- 101
0
votes
1
answer
146
views
Port Forwarding to another machine Rust gameserver
I need to forward UDP port 28015 of my local machine to another machine with port UDP 28021. Rust Game Server. (Redirect incoming traffic on a specific port to a different IP address with altern port)
...
0
votes
0
answers
54
views
Port Forwarding to vboxnet0 with saving client's real IP
I set up the internet on a virtual machine that is running through VirtualBox and set up port forwarding. First, in rt_tables of Host Machine (iproutes2) I added this:
100 vm0
Then I run this:
ip ...
- 127
1
vote
1
answer
128
views
Unable to establish network route
I am struggling to establish a network route from my laptop to another device. I will admit that my networking background is lacking, so sorry for the ignorance. I have the following setup:
[Device-A] ...
- 11
0
votes
0
answers
183
views
Route traffic from VPN to web proxy
I'm struggling for days to do this:
I've got an Openvpn installed on a ubuntu server, I want this traffic to be routed to a web proxy (socks5), so it will look like this :
Device->VPN->Proxy->...
- 1
1
vote
1
answer
756
views
How to unblock my IP from Ubuntu Server 22.04?
Here is the output of iptables -L -v in Ubuntu 22.04:
https://pastebin.ubuntu.com/p/47ysNrXCcN/
Chain DENYIN (1 references)
pkts bytes target prot opt in out source ...
- 111
1
vote
0
answers
608
views
wireguard + ufw = unable to limit access to specific port
So I'm trying to limit access to port 5432 (postgres) by using ufw and unable to do so. The connection is allowed still
sudo ufw deny 5432/tcp
sudo ufw route deny in on wg0 from 10.0.10.2
root@vpn-...
- 141