Questions tagged [iptables]
Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel.
1,309
questions
0
votes
1
answer
42
views
AP also acting as server in a local network?
I'm looking to create a portable media server also acting as a AP. For this I use a NUC. I got an AP running using hostapd and a DNS server fine. However I seem to be unable to connect to the media ...
- 101
2
votes
1
answer
4k
views
Load iptables rules on boot
I use Ubuntu 20 (server) and I made some iptables rules, but they are not loaded after reboot, so I installed package iptables-persistent, then using iptables-save I saved current rules using command ...
- 1,335
0
votes
0
answers
808
views
Firewall allows only port 22 but I can still curl via http. Need help
I am struggling to get the Ubuntu firewall working as desired.
I have set up a Database on an Ubuntu 20.04.3 LTS. I would like to be able to block request such as curl -G --data-urlencode "...
- 50
0
votes
1
answer
5k
views
Unable to receive UDP packets
I am trying to send UDP packets from Network Simulator 3 (NS-3) to a Multi-threaded python server(Using UDP socket) but I am unable to receive the packet on the server-side. From the host machine, I ...
- 3
0
votes
0
answers
208
views
Port 8090 seems closed even though it's open
I installed Jenkins on port 8090, tried disabling ufw and doing ufw allow 8090.
yougetsignal.com is still showing that port as closed, and trying to open the jenkins webapp results in a timeout error.
...
0
votes
1
answer
1k
views
(iptables) how to drop all incoming traffic except a few ip-ranges (default drop; allow only one country)
my goal is to drop with iptables more or less every request from non-german countries.
the best solution that is working in 2022 is this five year old script.
(Source: https://www.cyberciti.biz/faq/...
- 321
1
vote
0
answers
914
views
What does rule section ufw-not-local do?
While using ufw for my Ubuntu 22.04, I try to understand the iptables structure behind it. What concerns me specifically is this snippet taken out of /etc/ufw/before.rules:
#
# ufw-not-local
#
-A ufw-...
- 25
0
votes
1
answer
584
views
What happens with empty iptables?
From that answer, and other comments on the same webpage, I came to the conclusion that ubuntu by default has an empty iptables. However, people said it was safe, because unless the unexperimented ...
- 101
0
votes
1
answer
858
views
Ubuntu Server 20.04 random ports are timing out, and I don't know why
I need to access a webserver on my Ubuntu Server 20.04 installation. For a test, I set up a webserver using sudo python3 -m http.server <port>. It works fine for a bunch of ports, like 8000, 443,...
0
votes
0
answers
1k
views
20.04 - Can't persist IPTABLES rules
I need to share my wireless modem with another laptop via ethernet. It works perfectly with:
iptables -t nat -A POSTROUTING -o wwan0 -j MASQUERADE
iptables -I FORWARD -o wwan0 -s 192.168.9.0/24 -j ...
- 31
2
votes
0
answers
2k
views
Open server port 80 and redirect to container IP
I'm not an heavy user of unix based systems. And I have some trouble opening a server's port (80) to the public and redirect it to a running container.
So basically, I have a running container on a ...
- 71
0
votes
1
answer
519
views
how to get all rules for a specific IPaddress
Is there any known way how to get all iptables rules ipsets and so on which are valid for an specific IPaddress so that I can see missing ones with a simple view ?
- 1
1
vote
1
answer
6k
views
Incoming connections getting blocked on some ports with no firewall rules Ubuntu server
I'm a relatively inexperienced Linux user and I'm having issues with connections to my machine.
I'm using Ubuntu Server 20.04 LTS
I have a web server, a samba server, a game server and a ssh server ...
- 11
2
votes
2
answers
6k
views
How to open port to outside world?
I have a remote server with an IP - 111.222.333.444
I want to run an http server on that machine, that runs on localhost:8000
How can I make requests to 111.222.333.444:6000 from outside, from my hope ...
- 21
1
vote
0
answers
520
views
Docker daemon fail to run 'MASQUERADE': No such file or directory
I have some issue to install and run the docker daemon on Ubuntu 21.04.
During the install of the packages I am getting this bit of fail message :
Job for docker.service failed because the control ...
- 111
0
votes
1
answer
581
views
iptables - use ubuntu as router
I have an ubuntu PC which I would like to use as "general server" (I don't know a good name for the purpose, let me try to explain).
I have several other devices in my network, bunch of ...
- 161
0
votes
1
answer
78
views
Whitelisting friends' dynamic IPs w/o much extra effort from them
I'm running a small https webserver using a Javascript-based program that I've heard isn't super secure. Fortunately, I only want a couple of friends to be able to access it - unfortunately they're ...
0
votes
1
answer
107
views
iptables Explicit Allow Policy
I am attempting to setup an Explicit Allow policy on my 20.04 Ubuntu web server. By running the following:
iptables -P INPUT DROP
Also added rules for ssh, http and https. Resulting in the following ...
- 103
1
vote
1
answer
6k
views
How to allow a port to accept connection from all external ip adresses?
I have just started using Linux.
My OS details are following.
Distributor ID: Ubuntu
Description: Ubuntu 18.04.3 LTS
Release: 18.04
Codename: bionic
I want to accept TCP connections ...
1
vote
1
answer
333
views
How to prevent flood of unwanted established connections - iptables
There seem to be a flood of unwanted, established port 22 connections to my server. When running sudo netstat -natup | grep 'ESTABLISHED' as root, I get a long list of unwanted established connections,...
- 31
0
votes
1
answer
2k
views
Can not connect Ubuntu Server ssh from outside
We have ubuntu server installed on our desktop machine. It is connected modem with ethernet port. We can access it with ssh via inside of our network. But can not from outside.
Here is what we've done ...
- 101
1
vote
0
answers
3k
views
MySQL remote connection timeout and port 3306 close
I've been searching through the whole a fix but nothing worked.
I'm trying to allow remote access to my MySQL db.
I've been editing my /etc/mysql/mysql.conf.d/mysqld.cnf to modify bind address to set ...
- 11
1
vote
1
answer
640
views
How do I use UFW to block a device in Ubuntu hotspot?
I have a laptop running Ubuntu 20.04, which connected to the internet via ethernet.
I have setup a WiFi hotspot on this machine, so that I can share its internet connection.
Say, I have third device (...
- 11
0
votes
0
answers
436
views
How to have a same static IP address in all the networks
Imagine, I have an application at office which is bound to use 10.x.x.x IP address once it is installed. The gateway of this address will be 10.x.x.1 and this IP is set as static.
So, when I move the ...
0
votes
0
answers
111
views
Iptables gateway slow
I am trying to use an old laptop as a gateway from wired lan to a wifi internet hotspot:
lan router->ubuntu laptop->internet hotspot
I found a recipe to set up the laptop as a gateway, which &...
0
votes
0
answers
140
views
iptable rules to allow downloading stuff while default policy is on DROP
I was trying to install bind and for some reason I was getting issues most likely due to my iptable rules , I can ping google.ca anybody have any reccomndations down below are my current rulesets
...
- 1
0
votes
1
answer
87
views
I am creating a home lab using VMs and routing internet but I cant resolve names?
I have my first vm1 routing internet using iptables -A POSTROUTING -J MASQUERADE
to second vm and vice versa on second VM
my third VM can ping 1.1.1.1 (internet) and I set it a public DNS like 1.1.1....
- 1
0
votes
0
answers
95
views
Wireguard Ubuntu Server Virtualmin FirewallD Connectivity
Does anyone know of any Ubunut Server 20.04 and/or Virtualmin related aspects that can interfere / block a wireguard connection?
Problem:
All settings verified as correct. Client just can not connect....
- 709
0
votes
0
answers
428
views
I wanted to allow outgoing DNS traffic while OUTPUT is on DROP
I currently have a dns server running on my pi , and I am using that as my dns
I wanted to ping google.ca while my output chain / input being on drop
here are my firewall rules would love to hear some ...
- 1
-1
votes
1
answer
1k
views
How to redirection traffic between interfaces on ubuntu 18.04
i have server that has two interfaces (enp1s0 : 192.168.1.10 and enp2s0 : 10.20.30.30),
enp1s0 is public interface that we can connect to server with it and enp2s0 is private and isolate interface. on ...
2
votes
1
answer
3k
views
netfilter-persistent seems ok but does not load rules after reboot
Other people have similar issues but I tried all their approaches with missing iptable entries on boot, no success so far :| (it appears not to be a typo in the iptable files during load)
I've added a ...
- 123
0
votes
0
answers
347
views
Port 80 showing as filtered, ufw inactive
sudo nmap -sS 3.139.146.153
PORT STATE SERVICE
22/tcp open ssh
25/tcp filtered smtp
80/tcp filtered http
443/tcp open https
3306/tcp open mysql
7000/tcp open afs3-...
0
votes
0
answers
269
views
Monitor Openvpn log and if it get specific alert.......then execute iptable command to ban IP
I am looking to secure my openvpn server and to automatically ban unauthorized login attempts. I am looking for a script that will do the following:
-Monitor /var/log/openvpnas.log
-Look for the ...
- 1
0
votes
1
answer
193
views
how to get internet while your default policy is DROP in iptables [closed]
how to get internet while your default policy is DROP in iptables
basically I want to block all unauthorized traffic with iptables I set my default policy to drop (INPUT) and that caused me to not ...
- 1
1
vote
1
answer
3k
views
Yet another SSH connection timeout [closed]
This one is puzzling me to no end. By using PuTTY (latest version) I was able to connect from Windows 10 to Ubuntu 18.04 via SSH (local network), and I've been doing it for over a year until it ...
- 21
2
votes
0
answers
905
views
How to complete MASQUERADE with NetPlan?
I'm an Ubuntu newbie, I'm going to use Ubuntu to set up a KVM virtual machine, I only have a public IP, I know how to configure it in ifupdown, but I want to configure it in NetPlan.
My configuration ...
- 21
1
vote
1
answer
3k
views
VPN/WIreguard forward traffic internally as well as externally
This may be more of a Linux firewall question, but the context is the Wireguard VPN setup on Ubuntu. Note, I'm barely getting acquainted with a lot of this stuff.
I have Wireguard up and running on ...
- 13
1
vote
0
answers
3k
views
How do I open ports 443 and 8080 on a virtual Ubuntu Server 20.04.3?
I am running Ubuntu 20.04.3 server as a virtual server.
My virtual server was virtualized with VMware and the delivery was automatic.
I'm going to set it to use outline and
I have to open ports 443 ...
1
vote
1
answer
1k
views
Prevent routing of DHCP traffic
First, I'm aware that similar questions to mine have been asked elsewhere (I've read many of those posts!) but I've not been able to figure out a solution to my problem, so I'm asking for help.
My ...
- 11
3
votes
2
answers
3k
views
Port Forwarding with iptables is not working
I have two servers:
server 1 with IP address 10.8.0.1
server 2 with IP address 10.8.0.6
I want server 2 work as a proxy for a website that is hosted on server 1. So I use the following commands:
sudo ...
- 155
-1
votes
1
answer
2k
views
Unable to open port 443, despite apache listening, ufw open locally on machine
Hello fellow ubuntu lovers.
I've been trying to open port 443 on my server (on a private network) for some time, but I'm stuck. It's open on ufw, and apache is listening to that port, but somehow I ...
- 101
1
vote
1
answer
563
views
How to setup Linux machine to act as a Router
How to setup Linux machine to act as a Router which is responsible for distributing internet traffic to other devices connected to switch. I want to use this scenario in order to assign Ip-based ...
- 11
0
votes
0
answers
323
views
Home Router NAT Network configuration Ubuntu 20.04
I have Ubuntu 20.04 desktop and home router and I trying to open ports to have an acces from internet.
Here is interface info
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN ...
- 1
0
votes
0
answers
286
views
Fail2Ban vulnerability after reboot
I am very happy with fail2ban for protecting my server except for one issue. After a reboot, each banned ip address is added to iptables one at a time. On one server, I have about 7500 permanently ...
- 1
0
votes
0
answers
312
views
How to open port 990 on Ubuntu
I am not able to connect to my server using FTPS. I noticed that port 990 is not open. When I try to connect to my server on port number 990 I get the following:
telnet myip 990
Connecting To myip......
- 518
0
votes
0
answers
87
views
help with dns name conflict vpn and docker
I need to access an url via VPN, (estrelaoriente.com)
but seems it is conflicting with an docker route (docker.amazee.io):
~$ ping estrelaoriente.com
PING estrelaoriente.com.docker.amazee.io (127.0.0....
1
vote
0
answers
1k
views
Route traffic between two interfaces of a device
I have ubuntu (Ubuntu Server 21.10) installed on a Raspberry Pi which is in the middle of the router(gateway) and the network switch. The reason for this design is, I want all the internet traffic to ...
- 111
1
vote
1
answer
398
views
Desktop Ubuntu-20.04.3 iptables problem
I want to test some iptables rules
the rule is to deny all outbound traffic except DNS.
so I changed the OUTPUT default rule of filter table to DROP using this command.
sudo iptables -t filter -P ...
0
votes
1
answer
377
views
Problem accessing internet from a virtual LAN
I want to make this setup:
It's in Spanish, but quite self explanatory.
In the institute where I work, every student has a PC. The host is a Windows 10 PC with virtualbox 6.1.26 and extension pack.
I ...
1
vote
1
answer
2k
views
ip forward to another interface with ufw doesn't work
I'm trying to setup an IP forward. Cannot manage to make it work.
The goal is to receive a connection on interface1 (IP on this interface is 192.168.101.3) port 4443, and send it through interface2 to ...
- 11