Questions tagged [iptables]
Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel.
93 questions
81 votes, 12 answers, 124k views
How to control internet access for each program?
I would like to use a software to control which program may connect to the internet. I know that this behaviour is associated with the word "firewall", but some Linux users are very upset if somebody ...
119 votes, 2 answers, 400k views
How to save rules of the iptables? [duplicate]
I create the rules to iptables. But, when I restart the computer, the rules don't work!
How to save the rules on Ubuntu?
The problem was solved!
do:
After writing the iptables commands, do:
...
10 votes, 2 answers, 8k views
I need rules to drop some malicious Apache connections
I drop all traffic on ports except on 80 for my web server.
I have some rules like this on iptables:
iptables -A INPUT -p tcp -m tcp --dport 80 -m string --string "cgi" --algo bm --to 1000 -j DROP
...
48 votes, 3 answers, 103k views
How can I make a specific set of iptables rules permanent?
Is there a "best practice" or standard to make a few iptables rules permanent? I mean: automatically applied upon a system reboot?
I am using a VPS with Ubuntu Server 10.04 LTS (Lucid Lynx).
Thank ...
27 votes, 5 answers, 29k views
iptables resets when server reboots
Every time my server reboots it seems I have to reset my iptables to default. I used to use firestarter but removed it a while ago. Are there any settings that are making iptables change when the server ...
81 votes, 5 answers, 374k views
Where can I find the iptables log file, and how can I change its location?
I have this rule in my iptables:
iptables -A INPUT -s 192.168.11.0/24 -j LOG
My question is:
Where is the iptables log file, and how can I change that?
56 votes, 2 answers, 108k views
how do you create an app profile for ufw?
Ufw has a command that lists out profiles to which you can further explore their profile definitions
$ ufw app list
And
$ ufw app PROFILE {app profile title}
I was wondering how you can create a ...
29 votes, 5 answers, 10k views
How can I prevent apt-get/aptitude from showing dialogs during installation?
I'm trying to build an Ansible Playbook to deploy some Ubuntu 12.04 servers on Linode, but my problem seems to be an Ubuntu one. When I run different combinations of apt-get or aptitude I always get ...
18 votes, 4 answers, 105k views
How do I with ufw deny all outgoing ports excepting the ones I need?
I did the following: ufw default deny outgoing, sudo ufw allow out 80, which I thought would let me use the Internet but didn't. Can y'all help?
Also are there any other ports used by Ubuntu for which ...
5 votes, 1 answer, 4k views
UFW occasionally blocking HTTPS (443/TCP) although configured to allow that port on Ubuntu 16.04
On my Ubuntu 16.04 machine, I have configured UFW like this:
$ sudo apt-get install ufw
$ sudo ufw limit 22/tcp
$ sudo ufw allow 80/tcp
$ sudo ufw allow 443/tcp
$ sudo ufw enable
Now if I run sudo ...
1 vote, 1 answer, 2k views
How to stop the synattack?
I have done everything to stop this kind of ddos.
I have set sysctl like following:
# IP Spoofing protection
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1
# Ignore ICMP ...
96 votes, 5 answers, 301k views
Redirect port 80 to 8080 and make it work on local machine
I redirected traffic for port 80 to 8080 on my machine with
sudo iptables -A PREROUTING -t nat -p tcp --dport 80 -j REDIRECT --to-ports 8080
It works fine for all the world except my own machine. I ...
42 votes, 6 answers, 465k views
Reloading iptables
I made changes to iptables config file in /etc/iptables/filter in Ubuntu and want to reload them. I read the man page and also googled but couldn't find the information. Any help will be appreciated.
27 votes, 2 answers, 93k views
How can set these iptables rules to run at startup
I usually run my iptables rules whenever I login. From the terminal I type:
sudo sh firewall.sh
Setting up my sister's computer, I want to give her some basic firewall protection. She won't be ...
26 votes, 5 answers, 150k views
Iptables reload/restart on Ubuntu
I have problem with iptables on Ubuntu 18.04 before that I used to use with Centos 7 and Red Hat and I can simply restart with
systemctl restart iptables
but on Ubuntu it does not work. I could not ...
17 votes, 5 answers, 44k views
Block China with iptables
I just logged in on a GitLab server and noticed that it had 18.974 failed logins since I last checked the server - almost 5 days. I checked the IPs and it seems that almost all of them were from ...
15 votes, 1 answer, 55k views
Redirect requests to my external IP/port to a different external IP/port?
Is it possible to redirect connections to a specific IP/port to an external IP/port?
Example:
Server A has the external IP xxx.xxx.xxx.xxx
Server B has the external IP yyy.yyy.yyy.yyy
User sends a ...
6 votes, 1 answer, 29k views
Port forwarding with UFW
I realize UFW is mainly just for enabling/disabling access on particular ports, but I'm trying to forward one port to another. I want any connection to port 1724 to be forwarded to 1723.
The file /...
40 votes, 4 answers, 161k views
How to configure UFW to allow IP Forwarding?
I have UFW, OpenVPN and Virtualbox installed on my home server. I have a host-only network for my virtual machine guests (vboxnet0) set up with the IP range 10.0.1.0, and another IP range of 10.0.0.0 ...
15 votes, 1 answer, 15k views
How can we replace iptables with firewalld in ubuntu 16.04?
In Ubuntu 16.04, can we install firewalld services?
15 votes, 4 answers, 62k views
How can I block ping requests with IPTables?
and stealth specific ports?
14 votes, 3 answers, 18k views
How do I remove all the ufw chains from iptables?
I've removed ufw and I want to get rid of all the chains it leaves behind. How can I do that easily?
13 votes, 2 answers, 26k views
Where does netfilter-persistent save the iptables rules?
Been looking where does netfilter-persistent store its rules but could not find any documentation about it on help.ubuntu.com.
Does anybody know where does netfilter-persistent in Ubuntu save its ...
12 votes, 5 answers, 14k views
Is someone trying to hack into my server? What can I do?
A few weeks ago I posted a question here about some ssh issues I was having with an Ubuntu 12.04 box. Fast forward to today and I am trying to allow someone else access to the machine, but they keep ...
10 votes, 8 answers, 80k views
How can I fix the iptables error message "unable to initialize table 'filter'"?
When I try to use iptables command on one of my Rackspace cloud server, I'm getting the following error.
In an attempt to apply iptables rules with iptables-apply -t 120 /etc/iptables.rules and ...
9 votes, 1 answer, 20k views
Step by Step enable remote login to home ubuntu machine?
To clarify, this is ask:
I have a home computer running ubuntu. I want to be able to ssh into it from a remote location such as a cafe where I will bring a laptop.
My attempts thus far have been ...
6 votes, 3 answers, 5k views
UFW not blocking connections to docker instance
I have a webservice running inside a docker instance which was run using the following command:
sudo docker run -d -p 4040:4040 ....
My UFW rules look like this:
~ sudo ufw status
Status: active
...
5 votes, 2 answers, 43k views
Can't initialize iptables table `filter': Table does not exist (do you need to insmod?)
I'm trying to open up port 1900 for UDP in order for the Echo to be able to discover the HA Bridge using the following command but I get errors. What is the best solution to fix this?
pi@raspberrypi:~...
4 votes, 1 answer, 1k views
Could someone tell me whether my OS is communicating with the internet?
I edited iptables so that when the VPN service is disconnected, no program will access the internet.
Well, I did an experiment. I disconnected the VPN service manually and immediately did a ping by ...
2 votes, 2 answers, 2k views
Do I need iptables or ufw if I have gufw?
On my Ubuntu computer I have Iptables, ufw and gufw installed on it but I am trying to figure out if I need to remove one so I did an experiment and removed iptables and I saw ufw and gufw was removed ...
2 votes, 3 answers, 7k views
Trying to block YouTube
I've tried two different commands in IPTables to block YouTube. They briefly work, but then, hours later, or the next day, I test it again, only to find that it comes through when I DON'T want it to. ...
2 votes, 1 answer, 2k views
Correctly limit IP connections
I asked many questions about this same subject, for example: here, and here.
The answer said I should set up the rule like this:
iptables -A INPUT -i eth0 -m state --state ESTABLISHED,RELATED -j ...
2 votes, 1 answer, 556 views
Failed to apply network settings you might not be able to connect
On My notebook omen 17-cbO247 core i7,
I recently upgraded my system from Ubuntu 18.04 to Ubuntu 20.04.
It works almost perfect,
but
after rebooting the system, I’m getting the following message:
...
2 votes, 1 answer, 19k views
iptables allow just internet connection
let me explain what I did before;
# Only INPUT policy DROP, others are ACCEPT
sudo iptables -P INPUT DROP
sudo iptables -A INPUT -p tcp --sport 80 -j ACCEPT
I also tried this; for these ports to 443 ...
1 vote, 1 answer, 265 views
I have massive attack on port in my server
I have Ubuntu 15.4 server. I open a port with number 20000. I got massive ddos attack on this port. I typed in terminal
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
to ...
1 vote, 2 answers, 3k views
Monitor visited websites of guest account through any browser
I want to know which websites/URLs are visited by users of my home computer's guest account.
Is there a way to log this and save it as nicely formatted list to the disk? I only need date/time and ...
1 vote, 2 answers, 16k views
Configuration of iptables (verification, actives services, allow FTP)
I’m experimenting with IPT's (iptables) in Xubuntu.
First experimentation was to allow all OUTPUT traffic and block all INPUT except already existing TCP connections. Can somebody verify if these are ...
0 votes, 0 answers, 845 views
ip tables limit connection per ip address can be bypassed?
I am currently using the following to limit IP connections:
iptables -A INPUT -p tcp --syn --dport 22 -m connlimit --connlimit-above 4 --connlimit-mask 32 -j REJECT --reject-with tcp-reset
To limit ...
0 votes, 1 answer, 189 views
Is it correct that a torrent gets downloaded via enp3s0 (eth0) even if outgoing traffic is restricted to a VPN on tun0?
I modified my iptables according to the answer from Musclehead here so that my transmission-daemon can just send outgoing traffic to tun0 (which is a VPN).
(Hint: My eth0 is called enp3s0.)
Now, if I ...
-1 votes, 1 answer, 275 views
How to map my ipv4 address to external address in iptables
I want to run a minecraft server (port 25565) and have it send to my external address for others to play, then to my hostname (I am assuming this is automatic - Do I need a rule for this too?).
But I ...
91 votes, 3 answers, 226k views
What is MASQUERADE in the context of iptables?
In iptables many times I see the target MASQUERADE. What is that? I searched and found lots of things. But I need someone to explain to me what MASQUERADE is in an easy to understand way?
An ...
38 votes, 7 answers, 100k views
GUI for iptables?
I would like to secure my server and it seems that IPtables is one of the first steps. Unfortunately editing the rules in a terminal is a bit complicated and dangerous (those who ever did an iptables -...
37 votes, 6 answers, 246k views
Open port 80 on Ubuntu server
I'm just starting out in Ubuntu/Linux, and have some trouble opening port 80 for incoming connections.
I ran the sudo ufw allow 80/tcp command, and when I run sudo ufw status the result looks like ...
26 votes, 7 answers, 48k views
How to secure ubuntu server from bruteforce ssh attacks?
I have my passwords secure, but I heard people complaining about performance of a server going down drastically when a bruteforce attack is taking place. How can I secure my ubuntu 10.10 server from ...
26 votes, 4 answers, 31k views
persist port routing from 80 to 8080
I use amazon EC2 instance which works via ubuntu. By default, according to security restrictions, I can't bind my application to port 80, so I just bind it to port 8080 and then set routing redirect from port ...
21 votes, 2 answers, 211k views
How to start/stop iptables?
While learning some new things about iptables I can't through this. While I am trying to start, its saying as
root@badfox:~# iptables -L -n -v
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts ...
19 votes, 1 answer, 14k views
UFW: what exactly is it?
What is UFW? You would think this is an easy question, but the more sources I read, the less clear it gets.
The acronym spells out to Uncomplicated FireWall, as though ufw actually implements a ...
14 votes, 1 answer, 51k views
Forwarding traffic between 2 interfaces
I have 2 VLANs connected to a 'router'. All the machines can ping other machines within their own VLAN and the router. The router can ping all of the machines. I am trying to get machines to talk to ...
13 votes, 3 answers, 11k views
As a new Ubuntu desktop 18.04 LTS user, do I need to use ufw for a firewall or is iptables sufficient? [closed]
Let's assume:
I have little or no knowledge of the inner workings of the Ubuntu/Linux OS. All I know is from my experience of Windows, is that I have to have a firewall configured and running before ...
10 votes, 3 answers, 2k views
Replacing my firewall rules
I've had an init script for many years that configures iptables for me and it has worked like a champ until now. After upgrading from 10.04 to 12.04 I started having firewall problems where the ...