Questions tagged [iptables]
Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel.
1,309 questions
119 votes, 2 answers, 400k views
How to save rules of the iptables? [duplicate]
I create the rules to iptables. But, when I restart the computer, the rules don't work!
How to save the rules on Ubuntu?
The problem was solved!
do:
After writing the iptables commands, do:
...
96 votes, 5 answers, 301k views
Redirect port 80 to 8080 and make it work on local machine
I redirected traffic for port 80 to 8080 on my machine with
sudo iptables -A PREROUTING -t nat -p tcp --dport 80 -j REDIRECT --to-ports 8080
It works fine for all the world except my own machine. I ...
91 votes, 3 answers, 226k views
What is MASQUERADE in the context of iptables?
In iptables many times I see the target MASQUERADE. What is that? I searched and found lots of things. But I need someone to explain to me what MASQUERADE is in an easy to understand way?
An ...
81 votes, 5 answers, 374k views
Where can I find the iptables log file, and how can I change its location?
I have this rule in my iptables:
iptables -A INPUT -s 192.168.11.0/24 -j LOG
My question is:
Where is the iptables log file, and how can I change that?
81 votes, 12 answers, 124k views
How to control internet access for each program?
I would like to use a software to control which program may connect to the internet. I know that this behaviour is associated with the word "firewall", but some Linux users are very upset if somebody ...
56 votes, 2 answers, 108k views
how do you create an app profile for ufw?
Ufw has a command that lists out profiles to which you can further explore their profile definitions
$ ufw app list
And
$ ufw app PROFILE {app profile title}
I was wondering how you can create a ...
48 votes, 3 answers, 103k views
How can I make a specific set of iptables rules permanent?
Is there a "best practice" or standard to make a few iptables rules permanent? I mean: automatically applied upon a system reboot?
I am using a VPS with Ubuntu Server 10.04 LTS (Lucid Lynx).
Thank ...
48 votes, 3 answers, 35k views
potential ufw and fail2ban conflicts
Will running both fail2ban and ufw cause problems? I noticed that fail2ban modifies iptables rules, but ufw already has a ton of iptables rules defined... so I'm not sure if fail2ban will mess these ...
42 votes, 6 answers, 465k views
Reloading iptables
I made changes to iptables config file in /etc/iptables/filter in Ubuntu and want to reload them. I read the man page and also googled but couldn't find the information. Any help will be appreciated.
40 votes, 4 answers, 161k views
How to configure UFW to allow IP Forwarding?
I have UFW, OpenVPN and Virtualbox installed on my home server. I have a host-only network for my virtual machine guests (vboxnet0) set up with the IP range 10.0.1.0, and another IP range of 10.0.0.0 ...
38 votes, 7 answers, 100k views
GUI for iptables?
I would like to secure my server and it seems that IPtables is one of the first steps. Unfortunately editing the rules in a terminal is a bit complicated and dangerous (those who ever did an iptables -...
37 votes, 6 answers, 246k views
Open port 80 on Ubuntu server
I'm just starting out in Ubuntu/Linux, and have some trouble opening port 80 for incoming connections.
I ran the sudo ufw allow 80/tcp command, and when I run sudo ufw status the result looks like ...
30 votes, 2 answers, 46k views
Port forward to a port on the same machine
I used to run a service on port 25570 I'm now changing it to run on port 25565 but I still want people who try to access it on the old port to have access to the service. So I'd like to forward port ...
29 votes, 2 answers, 114k views
What's the difference between PREROUTING and FORWARD in iptables?
I am trying to understand how this system works and I have problems understanding the difference between using NAT PREROUTING or filter FORWARD.
From what I understand, the PREROUTE can send the ...
29 votes, 5 answers, 10k views
How can I prevent apt-get/aptitude from showing dialogs during installation?
I'm trying to build an Ansible Playbook to deploy some Ubuntu 12.04 servers on Linode, but my problem seems to be an Ubuntu one. When I run different combinations of apt-get or aptitude I always get ...
28 votes, 3 answers, 31k views
Do I also need to set up another iptables rules for ipv6 if I just used iptables?
Say I have a firewall setup on my linux server with iptables so that I only accept port 22 and port 80 traffic and I block access to all other ports.
Do these rules only work if the client machine is ...
27 votes, 2 answers, 93k views
How can set these iptables rules to run at startup
I usually run my iptables rules whenever I login. From the terminal I type ;
sudo sh firewall.sh
Setting up my sister's computer, I want to give her some basic firewall protection. She won't be ...
27 votes, 5 answers, 29k views
iptables resets when server reboots
Every time my server reboots it seems I have to reset my iptables to default. I used to use firestarter but removed it a while ago. Are there any settings that are making iptables change when the server ...
26 votes, 5 answers, 150k views
Iptables reload/restart on Ubuntu
I have a problem with iptables on Ubuntu 18.04. Before that I used CentOS 7 and Red Hat, and I can simply restart with
systemctl restart iptables
but on Ubuntu it does not work. I could not ...
26 votes, 4 answers, 31k views
persist port routing from 80 to 8080
I use an Amazon EC2 instance which runs Ubuntu. By default, according to security restrictions, I can't bind my application to port 80, so I just bind it to port 8080 and then set routing redirect from port ...
26 votes, 7 answers, 48k views
How to secure ubuntu server from bruteforce ssh attacks?
I have my passwords secure, but I heard people complaining about performance of a server going down drastically when a bruteforce attack is taking place. How can I secure my Ubuntu 10.10 server from ...
25 votes, 3 answers, 59k views
Do I need to restore iptable rules everytime on boot?
Every time I reboot I lose the iptables rules that took me so looong to enter. I know I can save them and restore them on boot, but is there any way to save them forever? Do I really need to restore ...
24 votes, 1 answer, 75k views
iptables, order of rules - do I understand it right?
I would like to configure my VPS in the way that it ONLY accepts connections from outside on port 22 (where sshd listens) and ICMP requests. Everything else from outside should be rejected. Inside the ...
21 votes, 2 answers, 211k views
How to start/stop iptables?
While learning some new things about iptables I can't through this. While I am trying to start, it's saying as
root@badfox:~# iptables -L -n -v
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts ...
19 votes, 1 answer, 14k views
UFW: what exactly is it?
What is UFW? You would think this is an easy question, but the more sources I read, the less clear it gets.
The acronym spells out to Uncomplicated FireWall, as though ufw actually implements a ...
18 votes, 4 answers, 105k views
How do I with ufw deny all outgoing ports excepting the ones I need?
I did the following: ufw default deny outgoing, sudo ufw allow out 80, which I thought would let me use the Internet but didn't. Can y'all help?
Also are there any other ports used by Ubuntu for which ...
17 votes, 5 answers, 44k views
Block China with iptables
I just logged in on a GitLab server and noticed that it had 18.974 failed logins since I last checked the server - almost 5 days. I checked the IPs and it seems that almost all of them were from ...
17 votes, 3 answers, 46k views
How do I allow multiple ports simultaneously in UFW?
I've installed a new Ubuntu 16.04 and enabled ufw:
ufw enable
I tried these ways to unfilter multiple ports at once:
ufw allow 22/tcp 25/tcp 80/tcp 443/tcp 9000/tcp
ufw allow 22/tcp, 25/tcp, 80/tcp,...
17 votes, 1 answer, 44k views
UFW or IPTables on Ubuntu for OpenVPN?
I'm kind of a newbie in networking and Linux, and I always get confused over whether I should use UFW or IP Tables when restricting my internet connection to only use VPN. Looking around, I find there ...
15 votes, 7 answers, 9k views
Block 1.4 million IP addresses on VPS
How can I block a list of about 1.4 million IP addresses? I've already tried to do it with iptables PREROUTING, like:
-A PREROUTING -d IP_HERE/32 -j DROP
But with this many records, my bandwidth goes ...
15 votes, 1 answer, 55k views
Redirect requests to my external IP/port to a different external IP/port?
Is it possible to redirect connections to a specific IP/port to an external IP/port?
Example:
Server A has the external IP xxx.xxx.xxx.xxx
Server B has the external IP yyy.yyy.yyy.yyy
User sends a ...
15 votes, 4 answers, 62k views
How can I block ping requests with IPTables?
and stealth specific ports?
15 votes, 1 answer, 15k views
How can we replace iptables with firewalld in ubuntu 16.04?
In Ubuntu 16.04, can we install firewalld services?
14 votes, 3 answers, 18k views
How do I remove all the ufw chains from iptables?
I've removed ufw and I want to get rid of all the chains it leaves behind. How can I do that easily?
14 votes, 1 answer, 51k views
Forwarding traffic between 2 interfaces
I have 2 VLANs connected to a 'router'. All the machines can ping other machines within their own VLAN and the router. The router can ping all of the machines. I am trying to get machines to talk to ...
13 votes, 5 answers, 2k views
Type of code conversion used in Linux executable files
I want to ask what type of encoding is used to make Linux executable files, e.g. hexadecimal, binary or anything else.
How is it converted?
Is there any way to get back the original code from ...
13 votes, 2 answers, 26k views
Where does netfilter-persistent save the iptables rules?
Been looking where does netfilter-persistent store its rules but could not find any documentation about it on help.ubuntu.com.
Does anybody know where does netfilter-persistent in Ubuntu save its ...
13 votes, 4 answers, 62k views
iptables forward port error - No chain/target/match by that name
I am trying to configure iptables on my Ubuntu 12.04 LTS server to forward port 443 to 8443.
But when I run this command:
sudo iptables -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8443
...
13 votes, 3 answers, 11k views
As a new Ubuntu desktop 18.04 LTS user, do I need to use ufw for a firewall or is iptables sufficient? [closed]
Let's assume:
I have little or no knowledge of the inner workings of the Ubuntu/Linux OS. All I know is from my experience of Windows, is that I have to have a firewall configured and running before ...
13 votes, 3 answers, 50k views
How to allow an IP (ipv6) address using ufw?
I'm using Ubuntu 16.04 LTS, and I want to block all connections except some IP addresses. I ran these commands
ufw default allow outgoing
ufw default deny incoming
ufw allow ssh
ufw enable
ufw allow ...
13 votes, 2 answers, 13k views
How to configure an OpenVPN Client Router
I am attempting to set up an OpenVPN Router so that I may connect my tablet (wireless) and Blu-Ray (wired) to a paid VPN service in another country on Ubuntu 12.10. I have successfully done this using ...
12 votes, 5 answers, 14k views
Is someone trying to hack into my server? What can I do?
A few weeks ago I posted a question here about some ssh issues I was having with an Ubuntu 12.04 box. Fast forward to today and I am trying to allow someone else access to the machine, but they keep ...
11 votes, 2 answers, 51k views
iptables-restore failing to load my rules
I've been searching around for some time now, but nothing solves my problem.
I'm setting up a mail server, but when writing to the iptables, I get an error:
iptables-restore: line 2 failed.
I'm ...
11 votes, 1 answer, 12k views
Why is my port closed when accessing from the network?
I have read so many pages, and tried so many things, but am stuck here.
I have a freshly installed Ubuntu 20.04 server. And on it I run a Django test server (just to try it out). It is running and ...
10 votes, 2 answers, 40k views
Create table in iptables
I want to create a custom table using iptables so that I can add my custom chains in it. But I don't see any option to do that. I tried to search for it but didn't find anything. Please help.
10 votes, 5 answers, 14k views
Fail2Ban or DenyHosts to block invalid username SSH login attempts
Is there a way to automatically block IP address when a user tries to login as any invalid username? I already have:
[ssh]
enabled = true
port = ssh
filter = sshd
logpath = /var/log/auth.log
...
10 votes, 2 answers, 8k views
I need rules to drop some malicious Apache connections
I drop all traffic on ports except on 80 for my web server.
I have some rules like this on iptables:
iptables -A INPUT -p tcp -m tcp --dport 80 -m string --string "cgi" --algo bm --to 1000 -j DROP
...
10 votes, 8 answers, 80k views
How can I fix the iptables error message "unable to initialize table 'filter'"?
When I try to use the iptables command on one of my Rackspace cloud servers, I'm getting the following error.
In an attempt to apply iptables rules with iptables-apply -t 120 /etc/iptables.rules and ...
10 votes, 1 answer, 29k views
Failed to start iptables-persistent.service
Ubuntu 16.04.2
In a book I read that we need iptables-persistent.
The book was published in 2016.
Ok:
sudo apt install -y iptables-persistent
Everything installed. No problems so far. If I ...
10 votes, 3 answers, 2k views
Replacing my firewall rules
I've had an init script for many years that configures iptables for me and it has worked like a champ until now. After upgrading from 10.04 to 12.04 I started having firewall problems where the ...