Questions tagged [iptables]
Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel.
1,309 questions
0 votes, 0 answers, 154 views
Iptables block ping from another ip
I am a beginner in the field, could you help me please?
me : 192.168.15.13
user1 : 192.168.15.14
user2 : 192.168.15.12
I would like to block ping from user1 to user2 using iptables from my ip 192.168.15....
0 votes, 0 answers, 3k views
80 port Connection refused
I am new to Ubuntu firewall and I have Ubuntu 20.04 server.
All ports 8080, 81 ... are externally available, but when I tried telnet IP 80 I received
telnet: Unable to connect to remote host: ...
0 votes, 0 answers, 47 views
Ubuntu Core 20.4 can't ping Opto22 Snap Pac Brain
I'm working on a Raspberry Pi 4 with the latest Ubuntu Core 20.4 64-bit.
I need to be able to reach and use a device, the Opto22 Snap Pac Brain Model SNAP-PAC-EB2. This device is linked to the ...
2 votes, 1 answer, 5k views
Problem running ufw on Ubuntu 20.04.3
I'm new to Ubuntu and to try it out I've installed the Ubuntu app from the Microsoft Store and am running it on my Windows 10 laptop. I tried to enable UFW but I got this:
:~$ sudo ufw enable
ERROR: ...
9 votes, 2 answers, 18k views
Ubuntu 21.10 switched to nftables, so why is iptables still available?
According to 21.10 release notes:
nftables is now the default backend for the firewall.
However, having installed Ubuntu 21.10, I can see I still have iptables (and ufw) installed by default:
m@m-...
0 votes, 2 answers, 82 views
Skip route table
I want to create a VM VBOX Ubuntu to be a gateway in my home lan to route to my enterprise VPN.
The problem is that my VPN, when it is established, creates a route per route entry with metric 1 to be routed ...
0 votes, 1 answer, 2k views
iptables with NTP
I am using iptables to filter the traffic and also chronyd to synchronize the system time. However, I am not getting it to work, somehow chronyd cannot access the NTP server.
Here are my iptables ...
1 vote, 0 answers, 277 views
Why is ufw not blocking traffic from 169.254.169.254:179?
My ufw is enabled and only permits ssh and wireguard:
# ufw status
Status: active
To Action From
-- ------ ----
22/tcp ...
0 votes, 1 answer, 2k views
iptables - rule to block all other incoming traffic except ssh
I currently have the following rules to allow connections to my SSH server on port 2233:
iptables -A INPUT -p tcp --dport 2233 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p ...
0 votes, 2 answers, 1k views
Iptables that only allow incoming traffic to OpenSSH and block all other traffic
I need to configure a firewall using iptables that only allows incoming traffic to the openssh services and block all other traffic. I know how to block all incoming traffic but don't know how to only ...
0 votes, 0 answers, 891 views
Listening ports with service name
I'm looping in listening ports and when looping I want to get the exact service name of the ports for further activity. So how can I get the service name of the ports?
1 vote, 0 answers, 333 views
netfilter-persistent starts on boot, but iptables does not
I have netfilter-persistent and iptables-persistent installed.
Netfilter-persistent starts after a reboot.
I have rules saved at /etc/iptables/rules.v4
Iptables does not start.
sudo systemctl restart ...
0 votes, 0 answers, 248 views
Ubuntu server UFW issues
I was sending requests to my server using Postman. Then, something went wrong and all of my requests were blocked. Now, I can't send requests or even access the server using the IP address unless I ...
1 vote, 0 answers, 17 views
Failed to apply network settings - file /sbin/iptables doesn't exist for bluetooth xubuntu 20.04 [duplicate]
After upgrading Xubuntu 16.04 to 20.04, when I reboot I always have this popup:
Bluetooth works: I can send and receive files.
I've tried to reinstall iptables but nothing changed.
Thanks very much ...
1 vote, 1 answer, 949 views
Create network alias in Ubuntu 20.04
I have a local application that will try to connect to MySQL on 172.1.0.1 when it's on production but I want to be able to test it locally.
At this time, changing the source code is not an option, so ...
0 votes, 1 answer, 2k views
Huge CPU load under large amount of TCP connections
Under a large amount of TCP connections, one CPU core will always go up to 100%. After that happens, the whole VM would start lagging and there will be an evident packet loss.
Is there a way to solve ...
1 vote, 1 answer, 6k views
does adding a rule to iptables mean it takes effect immediately?
I run sudo iptables -A INPUT -p tcp -m tcp --dport 2222 -j ACCEPT in bash and then tried to connect to that machine via another machine on the same LAN / subnet via port 2222 with PuTTY and it didn't ...
15 votes, 7 answers, 9k views
Block 1.4 million IP addresses on VPS
How can I block a list of about 1.4 million IP addresses? I've already tried to do it with iptables PREROUTING, like:
-A PREROUTING -d IP_HERE/32 -j DROP
But with this many records, my bandwidth goes ...
0 votes, 1 answer, 275 views
iptables blocking all packets on boot
A bit of time ago, I had several problems with my ethernet card and had to completely reset my network configuration (I had to rewrite and reload a new netplan.yaml, which uses Network Manager)
Side ...
0 votes, 0 answers, 404 views
Docker iptables seems to limit upload speed in Ubuntu 20.04
I faced the following issue:
Docker itself creates some iptables default rules.
Once they are applied, my upload speed gets slowed down to 500 mbit.
Once I reinstall iptables to clear the rules, it gets ...
-1 votes, 1 answer, 440 views
IPTABLES Prerouting, mass add
Maybe someone knows how I can mass add like 1 400 000 IPs to iptables with the command:
iptables -I PREROUTING -t raw -d $ipban -j DROP
Right now I'm using:
while read ipban
do
iptables -I PREROUTING -t ...
1 vote, 0 answers, 252 views
How To Translate UDP Source Port Numbers Using Iptables
I have a UDP application which sends packets with inbound source port numbers equal to the destination port numbers from both sides of the communication. The documentation also states that this ...
2 votes, 1 answer, 188 views
how to delete the grepped iptables
I am trying to delete all iptables created by calico in my k3s setup. I am using calico-script to delete but after running this script some cali- iptables I can see in iptables -S output, I want to ...
0 votes, 1 answer, 1k views
How to block incoming traffic from IP addresses on port
How do I block all IP addresses from where traffic is coming from, on my Ubuntu 18.04 (on a specified port) or just log all IP addresses connecting to this port to .txt file?
-1 votes, 1 answer, 58 views
internet not working after executing the below iptable commands as root
In order to increase security I executed the below commands
Force SYN packets check
Make sure NEW incoming tcp connections are SYN packets; otherwise we need to drop them:
iptables -A INPUT -p tcp ! --...
2 votes, 0 answers, 6k views
How to upgrade iptables version with apt
My iptables version is v1.6.1. How can I upgrade it?
I tried:
root@ubuntu:~# apt update iptables
E: The update command takes no arguments
root@ubuntu:~#b apt upgrade iptables
Reading package lists... ...
1 vote, 1 answer, 2k views
Can't connect to open secure port on Ubuntu
I opened the 8443 port on which I run Clickhouse server. I can connect to SSH on 22 port, I can also connect to 8443 via SSH tunnel, however I can't connect normally to that host. I'm trying to ...
1 vote, 2 answers, 3k views
How can I set the destination to "anywhere" in the iptables?
As far as I understood with the following rule:
ACCEPT tcp -- anywhere 172.17.0.4 tcp dpt:25565
Ubuntu allows connection via port 25565 but only to 172.17.0.4, but I want ...
0 votes, 0 answers, 144 views
Not access to internet
Yesterday I was watching a video and the connection dropped in my Ubuntu 18.04. I tried connecting to the mobile phone data and with another wifi and it doesn't work. I also tried with cable and ...
0 votes, 0 answers, 2k views
How can I restart iptables in Ubuntu 20.04?
To manage my firewall I use ufw. But Docker modifies iptables rules directly. I'm trying to do some testing to see what the effect of setting "iptables": false in /etc/docker/daemon.json, ...
0 votes, 0 answers, 541 views
iptables says it should drop, but I can still connect
Ubuntu 20.04
I use NordVPN and it changes my iptables rules when I connect. Occasionally, I have to delete some rules and create new ones so I can still access other machines on my local network.
This ...
0 votes, 0 answers, 216 views
Ubuntu SSH forwarding access not working to server 3 from server 1 (server 1 --> server 2 --> server 3)
I have a requirement to have the SSH connectivity of the remote server in the Azure network to our on-prem network. Since the direct connectivity between both the networks is not available, I am ...
-1 votes, 2 answers, 863 views
fail2ban does not manipulate iptables
I googled some articles like "how to install fail2ban on Ubuntu 20.04";
none of them mentioned my situation.
My env: new Ubuntu 20.04 installation on VMware Player. Straight install of fail2ban.
...
0 votes, 1 answer, 63 views
Blocked internet traffic for device seems to be leaking out to internet
I have an Ubuntu box that DHCP assigns a static IP address (based on its MAC address) at 192.168.2.12 with the local gateway at 192.168.2.1. I want to block internet traffic to it and from it, but I ...
0 votes, 0 answers, 141 views
Why everything but ssh is blocked? (from within and out of lan)
It's an Ubuntu server 20.04.2, on a home network. Used mostly for testing and non-destructive experiments (PHP, Python study, virtual machines, etc.), used as a headless machine next to my working PC.
...
0 votes, 1 answer, 3k views
OpenVPN Server unable to ping device connected to client laptop via ethernet
I have an OpenVPN Server on a linux virtual machine (Google Cloud Compute Engine instance running Ubuntu 20.04).
I have a linux laptop in my office (running Ubuntu 20.04). It is connected wirelessly ...
0 votes, 1 answer, 369 views
My Firewall script is blocking nginx Rtmp Client connection
My server is running Nginx Rtmp Server on Port 1935
I am running a firewall script to block bad clients who connect on my server over 30 times on any tcp Port
with the following script
#!/bin/sh
# ...
0 votes, 1 answer, 2k views
Using iptables to block all internet-originating traffic except for a specific port
I have an Emby server running on Ubuntu Server 20.04 LTS and would like to configure iptables to block all incoming connections from the internet except for port 8920, but allow normal incoming ...
0 votes, 1 answer, 2k views
Having to reopen ports on reboot
When I restart my computer I keep having to reopen ports using iptables. Using a "sudo ufw allow [port]/[protocol]" doesn't open the port and isn't persistent.
Pertinent info
20.04
Was ...
1 vote, 1 answer, 4k views
Unable to add rules to /etc/ufw/before.rules and before6.rules
I run a high-traffic NTP server and the following rules are absolutely necessary to prevent my conntrack table from being immediately overrun (regardless of how large it is):
iptables -t raw -A ...
1 vote, 0 answers, 71 views
iptables port forward to different box port
Hi everyone!
I have a home network, and have a DVR (provison) connected with my cameras. I can access my DVR via internet/LAN, but the DVR doesn't have any security options except fixed IPs or ip ...
0 votes, 1 answer, 3k views
why does UFW block ICMP destination-unreachable messages despite apparently having rules to allow them?
Ubuntu 20.04.2 LTS, I am running UFW with mostly default configuration, have allowed some ports through with "ufw allow" but haven't done any manual blocking or config files editing.
I was ...
0 votes, 1 answer, 619 views
IPTABLES/UFW: Deny ssh (on alternate port) requests from WAN, and allow ssh (on alternate port) from LAN. HOW TO?
I am running Ubuntu server version 20.04. I have configured my ssh server to listen on an alternate port (port 40001) in my sshd_config file. I want to allow incoming traffic from anywhere on my local ...
1 vote, 1 answer, 2k views
iptables does not start after reboot
I have already run the command, systemctl enable iptables and systemctl start iptables, but the iptables service was not started as message below after I reboot server.
root@sec-k8-m1-iwt:~# systemctl ...
4 votes, 0 answers, 670 views
UFW status is getting problem running iptables
I want to use UFW (version 0.36) but I get this error when running ufw status:
ERROR: problem running iptables: Another app is currently holding the xtables lock. Perhaps you want to use the -w option?...
0 votes, 2 answers, 831 views
WiFi APs have no internet connectivity after setting up IPTABLES
I have set up an Ubuntu 20.04 SERVER to act as a Gateway/Router.
Now that the gateway is functioning, I now no longer have WiFi access via several APs in my house.
I am able to connect to the APs, I ...
0 votes, 0 answers, 157 views
How to test to see if packets are moving between two ports on a dual port NIC
I'm trying to set up a home router on Ubuntu 20.04 Server.
I have followed dozens of on-line tutorials, and for the life of me, I can't get this to work.
As soon as I get everything set up, nothing ...
-1 votes, 1 answer, 5k views
Ubuntu 20.04 gateway, iptables NAT and port forwarding
I am in a maze, I try in vain to set up the rules to be able to access from the internet my internal web server (192.168.12.10).
At home, I have an Ubuntu 20.04 gateway (192.168.12.1) with two interfaces:
...
2 votes, 1 answer, 564 views
Redirect Network Traffic
I host a Minecraft server at home that I use to play with friends, which they all use to connect to via an OpenVPN server.
The OpenVPN server has the IP (A.A.A.A) and the IP range for the VPN itself ...
0 votes, 1 answer, 4k views
Bad argument in iptables NAT command
I am trying to do a DNAT rule in iptables if the packet with source address 192.168.86.212 and destination address 192.168.86.212 then change the destination address to 172.217.5.100.
sudo iptables -t ...