Skip to main content

Questions tagged [iptables]

Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel.

Filter by
Sorted by
Tagged with
119 votes
2 answers
400k views

How to save rules of the iptables? [duplicate]

I create the rules to iptables. But, when I restart the computer, the rules don't work! How to save the rules on Ubuntu ? The was problem solved! do: After of the write the commands iptables, do: ...
Gustavo's user avatar
  • 1,199
96 votes
5 answers
301k views

Redirect port 80 to 8080 and make it work on local machine

I redirected traffic for port 80 to 8080 on my machine with sudo iptables -A PREROUTING -t nat -p tcp --dport 80 -j REDIRECT --to-ports 8080 It works fine for all the world except my own machine. I ...
Max's user avatar
  • 1,168
91 votes
3 answers
226k views

What is MASQUERADE in the context of iptables?

In iptables many times I see the target MASQUERADE. What is that? I searched and found lots of things. But I need someone to explain to me what MASQUERADE is in an easy to understand way? An ...
Mohammad Reza Rezwani's user avatar
81 votes
5 answers
374k views

Where can I find the iptables log file, and how can I change its location?

I have this rule in my iptables: iptables -A INPUT -s 192.168.11.0/24 -j LOG My question is: Where is the iptables log file, and how can I change that?
pylover's user avatar
  • 2,315
81 votes
12 answers
124k views

How to control internet access for each program?

I would like to use a software to control which program may connect to the internet. I know that this behaviour is associated with the word "firewall", but some Linux users are very upset if somebody ...
guerda's user avatar
  • 1,181
56 votes
2 answers
108k views

how do you create an app profile for ufw?

Ufw has a command that lists out profiles to which you can further explore their profile definitions $ ufw app list And $ ufw app PROFILE {app profile title} I was wondering how you can create a ...
Miphix's user avatar
  • 1,028
48 votes
3 answers
103k views

How can I make a specific set of iptables rules permanent?

Is there a "best practice" or standard to make a few iptables rules permanent? I mean: automatically applied upon a system reboot? I am using a VPS with Ubuntu Server 10.04 LTS (Lucid Lynx). Thank ...
J. Bruni's user avatar
  • 1,352
48 votes
3 answers
35k views

potential ufw and fail2ban conflicts

Will running both fail2ban and ufw cause problems? I noticed that fail2ban modifies iptables rules, but ufw already has a ton of iptables rules defined... so I'm not sure if fail2ban will mess these ...
Adam Monsen's user avatar
  • 2,245
42 votes
6 answers
465k views

Reloading iptables

I made changes to iptables config file in /etc/iptables/filter in Ubuntu and want to reload them. I read the man page and also googled but couldn't find the information. Any help will be appreciated.
user avatar
40 votes
4 answers
161k views

How to configure UFW to allow IP Forwarding?

I have UFW, OpenVPN and Virtualbox installed on my home server. I have a host-only network for my virtual machine guests (vboxnet0) set up with the IP range 10.0.1.0, and another IP range of 10.0.0.0 ...
Stephen RC's user avatar
  • 4,832
38 votes
7 answers
100k views

GUI for iptables?

I would like to secure my server and it seems that IPtables is one of the first steps. Unfortunately editing the rules in a terminal is a bit complicated and dangerous (those who ever did an iptables -...
silvo's user avatar
  • 1,259
37 votes
6 answers
246k views

Open port 80 on Ubuntu server

I'm just starting out in Ubuntu/Linux, and have some trouble opening port 80 for incoming connections. I ran the sudo ufw allow 80/tcp command, and when I run sudo ufw status the result looks like ...
martin's user avatar
  • 481
30 votes
2 answers
46k views

Port forward to a port on the same machine

I used to run a service on port 25570 I'm now changing it to run on port 25565 but I still want people who try to access it on the old port to have access to the service. So I'd like to forward port ...
Sean Bannister's user avatar
29 votes
2 answers
114k views

What's the difference between PREROUTING and FORWARD in iptables?

I am trying to understand how this system works and I have problems to understand the difference between using NAT PREROUTING or filter FORWARD. From what I understand, the PREROUTE can send the ...
GheorGhe's user avatar
  • 403
29 votes
5 answers
10k views

How can I prevent apt-get/aptitude from showing dialogs during installation?

I'm trying to build an Ansible Playbook to deploy some Ubuntu 12.04 servers on Linode, but my problem seems to be an Ubuntu one. When I run different combinations of apt-get or aptitude I always get ...
Brian Lyttle's user avatar
28 votes
3 answers
31k views

Do I also need to set up another iptables rules for ipv6 if I just used iptables?

Say I have a firewall setup on my linux server with iptables so that I only accept port 22 and port 80 traffic and I block access to all other ports. Do these rules only work if the client machine is ...
user230779's user avatar
27 votes
2 answers
93k views

How can set these iptables rules to run at startup

I usually run my iptables rules whenever I login. From the terminal I type ; sudo sh firewall.sh Setting up my sister's computer, I want to give her some basic firewall protection. She wont be ...
Mikelane's user avatar
  • 293
27 votes
5 answers
29k views

iptables resets when server reboots

Everytime my server reboots it seems I have to reset my iptables to default, I used to use firestarter but removed it a while ago. Is there any settings that are making iptables change when the server ...
Anagio's user avatar
  • 403
26 votes
5 answers
150k views

Iptables reload/restart on Ubuntu

I have problem with iptables on Ubuntu 18.04 before that I used to use with Centos 7 and Red Hat and I can simply restart with systemctl restart iptables but on Ubuntu it does not work. I could not ...
CsharpJoe's user avatar
  • 361
26 votes
4 answers
31k views

persist port routing from 80 to 8080

I use amazon EC2 instance which works via ubuntu. By default according security restrictions I can't bin my application to port 80, so I just bind it port 8080 and then set routing redirect from port ...
Ph0en1x's user avatar
  • 405
26 votes
7 answers
48k views

How to secure ubuntu server from bruteforce ssh attacks?

I have my passwords secure, but I heard people complaining about perfomance of a server going down drastically when a bruteforce attack is taking place. How can I secure my ubuntu 10.10 server from ...
Dziamid's user avatar
  • 501
25 votes
3 answers
59k views

Do I need to restore iptable rules everytime on boot?

Every time I reboot I loose the iptables rules that took me so looong to enter. I know I can save them and restore them on boot, but is there anyway to save them forever? Do I really need to restore ...
capdragon's user avatar
  • 1,037
24 votes
1 answer
75k views

iptables, order of rules - do I understand it right?

I would like to configure my VPS in the way that it ONLY accepts connections from outside on port 22 (where sshd listens) and ICMP requests. Everything else from outside should be rejected. Inside the ...
Xpector's user avatar
  • 437
21 votes
2 answers
211k views

How to start/stop iptables?

While learning some new things about iptables I can't through this. While I am trying to start, its saying as root@badfox:~# iptables -L -n -v Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts ...
Raja G's user avatar
  • 103k
19 votes
1 answer
14k views

UFW: what exactly is it?

What is UFW? You would think this is an easy question, but the more sources I read, the less clear it gets. The acronym spells out to Uncomplicated FireWall, as though ufw actually implements a ...
gwideman's user avatar
  • 303
18 votes
4 answers
105k views

How do I with ufw deny all outgoing ports excepting the ones I need?

I did the following: ufw default deny outgoing, sudo ufw allow out 80 which I thought would let me use the Internet but didn't can y'all help? Also are there any other ports used by Ubuntu for which ...
user250155's user avatar
17 votes
5 answers
44k views

Block China with iptables

I just logged in on a GitLab server and noticed that it had 18.974 failed logins since I last checked the server - almost 5 days. I checked the Ip's and it seems that almost all of them were from ...
Caranfil Alegzandru's user avatar
17 votes
3 answers
46k views

How do I allow multiple ports simultaneously in UFW?

I've installed a new Ubuntu 16.04 and enabled ufw: ufw enable I tried these ways to unfilter multiple ports at once: ufw allow 22/tcp 25/tcp 80/tcp 443/tcp 9000/tcp ufw allow 22/tcp, 25/tcp, 80/tcp,...
Arcticooling's user avatar
17 votes
1 answer
44k views

UFW or IPTables on Ubuntu for OpenVPN?

I'm kind of a newbie in networking and Linux, and I always get confused over whether I should use UFW or IP Tables when restricting my internet connection to only use VPN. Looking around, I find there ...
ryoishikawa74's user avatar
15 votes
7 answers
9k views

Block 1.4 million IP addresses on VPS

How can I block a list of about 1.4 million IP addresses? I've already tried to do it with iptables PREROUTING, like: -A PREROUTING -d IP_HERE/32 -j DROP But with this many records, my bandwidth goes ...
Kamil Skwirut's user avatar
15 votes
1 answer
55k views

Redirect requests to my external IP/port to a different external IP/port?

Is it possible to redirect connections to a specific IP/port to an external IP/port? Example: Server A has the external IP xxx.xxx.xxx.xxx Server B has the external IP yyy.yyy.yyy.yyy User sends a ...
Prix's user avatar
  • 481
15 votes
4 answers
62k views

How can I block ping requests with IPTables?

and stealth specific ports?
david25's user avatar
  • 2,207
15 votes
1 answer
15k views

How can we replace iptables with firewalld in ubuntu 16.04?

In Ubuntu 16.04, can we install firewalld services?
RjV's user avatar
  • 428
14 votes
3 answers
18k views

How do I remove all the ufw chains from iptables?

I've removed ufw and I want to get rid of all the chains it leaves behind. How can I do that easily?
flickerfly's user avatar
  • 7,309
14 votes
1 answer
51k views

Forwarding traffic between 2 interfaces

I have 2 VLANs connected to a 'router'. All the machines can ping other machines within their own VLAN and the router. The router can ping all of the machines. I am trying to get machines to talk to ...
Konstantin Tarashchanskiy's user avatar
13 votes
5 answers
2k views

Type of code conversion used in Linux executable files

I want to ask that what type of encoding is used to make linux executable files e.g. hexadecemal, binary or anything else. how is it converted ? Is there any way to get back the original code from ...
Jaysheel Utekar's user avatar
13 votes
2 answers
26k views

Where does netfilter-persistent save the iptables rules?

Been looking where does netfilter-persistent store its rules but could not find any documentation about it on help.ubuntu.com. Does anybody know where does netfilter-persistent in Ubuntu save its ...
chrone's user avatar
  • 415
13 votes
4 answers
62k views

iptables forward port error - No chain/target/match by that name

I am trying to configure iptables on my Ubuntu 12.04 LTS server to forward port 443 to 8443. But when I run this command: sudo iptables -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8443 ...
Roy Hinkley's user avatar
13 votes
3 answers
11k views

As a new Ubuntu desktop 18.04 LTS user, do I need to use ufw for a firewall or is iptables sufficient? [closed]

Let's assume: I have little or no knowledge of the inner workings of the Ubuntu/Linux OS. All I know is from my experience of Windows, is that I have to have a firewall configured and running before ...
user avatar
13 votes
3 answers
50k views

How to allow an IP (ipv6) address using ufw?

I'm using Ubuntu 16.04 LTS, and I want to block all connections except some IP addresses. I ran these commands ufw default allow outgoing ufw default deny incoming ufw allow ssh ufw enable ufw allow ...
Suraj Bharti's user avatar
13 votes
2 answers
13k views

How to configure an OpenVPN Client Router

I am attempting to set up an OpenVPN Router so that I may connect my tablet (wireless) and Blu-Ray (wired) to a paid VPN service in another country on Ubuntu 12.10. I have successfully done this using ...
jbrookover's user avatar
12 votes
5 answers
14k views

Is someone trying to hack into my server? What can I do?

A few weeks ago I posted a question here about some ssh issues I was having with an Ubuntu 12.04 box. Fast forward to today and I am trying to allow someone else access to the machine, but they keep ...
user2936314's user avatar
11 votes
2 answers
51k views

iptables-restore failing to load my rules

I've been searching around for some time now, but nothing solves my problem. I'm setting up a mail server, but when writing to the iptables, I get an error: iptables-restore: line 2 failed. I'm ...
Søren Lorentzen's user avatar
11 votes
1 answer
12k views

Why is my port closed when accessing from the network?

I have read so many pages, and tried so many things, but am stuck here. I have a freshly installed Ubuntu 20.04 server. And on it I run a Django test server (just to try it out). It is running and ...
Bernd Wechner's user avatar
10 votes
2 answers
40k views

Create table in iptables

I want to create a custom table using iptables so that I can add my custom chains in it. But I doesn't see any option to do that. I tried to search for it but didnt found anything. Please Help.
Tarun's user avatar
  • 4,255
10 votes
5 answers
14k views

Fail2Ban or DenyHosts to block invalid username SSH login attempts

Is there a way to automatically block IP address when a user tries to login as any invalid username? I already have: [ssh] enabled = true port = ssh filter = sshd logpath = /var/log/auth.log ...
slayton1213's user avatar
10 votes
2 answers
8k views

I need rules to drop some malicious Apache connections

I drop all traffic on ports except on 80 for my web server. I have some rules like this on iptables: iptables -A INPUT -p tcp -m tcp --dport 80 -m string --string "cgi" --algo bm --to 1000 -j DROP ...
Javier Palmero's user avatar
10 votes
8 answers
80k views

How can I fix the iptables error message "unable to initialize table 'filter'"?

When I try to use iptables command on one of my Rackspace cloud server, I'm getting the following error. In an attempt to apply iptables rules with iptables-apply -t 120 /etc/iptables.rules and ...
user3215's user avatar
  • 5,365
10 votes
1 answer
29k views

Failed to start iptables-persistent.service

Ubuntu 16.04.2 In a book I read that we need iptables-persistent. The book was published in 2016. Ok: sudo apt install -y iptables-persistent Everything installed. No problems so far. If I ...
Michael's user avatar
  • 563
10 votes
3 answers
2k views

Replacing my firewall rules

I've had an init script for many years that configures iptables for me and it has worked like a champ until now. After upgrading from 10.04 to 12.04 I started having firewall problems where the ...
Snowhare's user avatar
  • 200

1
2 3 4 5
27