Questions tagged [iptables]
Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel.
1,309
questions
0
votes
0
answers
132
views
How to block all connections on all ports using iptables?
I am trying to protect myself from DDoS and limiting all users with more than 5 connection requests to connect to my server.
I am trying to use this one, but it is not working, it actually blocks even ...
0
votes
1
answer
129
views
How to exclude 1 ip from iptable rules?
I want to block all ip's with > 200 connections to access my server with this rule:
iptables -A INPUT -p udp --dport 100:65535 -m connlimit --connlimit-above 200 -j REJECT
but at the same time I ...
0
votes
0
answers
71
views
Script that will scan for number of connections and ban those above 100
Since I lately have some DDoS attacks, I need help in creating the script that will do the following:
-Screen the IPs on all ports with total number of connections using netstat
-Ban all IP's that are ...
1
vote
1
answer
194
views
How to find out the program from iptables log
Testing the ping on ubuntu 22.04:
Host A IPv6: 1111:1111:1111:1111:1111:1111:1111:1111
Host B IPv6: 2222:2222:2222:2222:2222:2222:2222:2222
Host A:
Now execute a ping from Host A with the following ...
1
vote
1
answer
440
views
How to fix MGR: dropped slow initial connection with pptpd?
I have a pptpd server installed on a remote BareMetal server
I have followed the tutorial here to the dot:
However I get
MGR: dropped slow initial connection
I have tried everything I can think of
...
0
votes
0
answers
290
views
How to choose internet source for Docker container on Ubuntu
Containers are basically using the internet interface that my "Ubuntu 22.04.1 LTS" is using but once I have multiple internet sources I don't know how to make the containers use another ...
0
votes
0
answers
404
views
Ubuntu as router with netplan & dnsmasq - can't reach websites
I have setup Ubuntu 22.04 LTS as a router for the following scenario:
Client (192.168.222.100) <--> Switch <--> Ubuntu Router eth0 (192.168.222.1) <--> Ubuntu Router enx2887ba778049 (...
0
votes
1
answer
59
views
Setup additional interface
I have a dedicated server with Ubuntu Server 18.04. I need an additional IP-address so I leased a cheap VDS, then I've setup pptpd on VDS and pptp on dedicated server. Then I configured a VPN-...
0
votes
1
answer
379
views
Ubuntu server does not accept any request from outside
I have a database in ubuntu server, and it works on server, the port is 5436. However, I cannot connect it from outside.
I use ufw order
it lists as below
[17] 5436 (v6) ALLOW IN ...
1
vote
2
answers
2k
views
Route all traffic from one server to another
I have two servers.
First one is from a local datacenter. OpenVPN is installed on Ubuntu 22.04. Clients connect to this server and get an IP from 10.8.0.0/8 pool. Clients are configured to redirect ...
2
votes
1
answer
3k
views
iptables - Port forwarding with keeping source IP
I have a Ubuntu Server with two interfaces: enp1s0 and ham0 (private network). In interface ham0 my IP-address is 25.70.228.164. Another machine in this network has IP-address 25.11.1.253. I tried to ...
0
votes
1
answer
619
views
DDoS Attack - Iptables bad configuration
I have Ubuntu 20.04.4 LTS. I am under a DDoS attack and don't know how to limit the connections made by multiple IPs (above 500).
I saw some post, like this or this, but don't know how to follow the ...
1
vote
1
answer
112
views
unable to set the openvpn network to look for a specific subnet behind a specific client
I have an openvpn network. I have a client with the IP 10.8.0.2 and that client has this subnet 192.168.43.0/24. I want the entire openvpn network to look for the subnet 192.168.43.0/24 in 10.8.0.2
Here'...
0
votes
1
answer
222
views
Iptables logging in Ubuntu
I have set up Cowrie (2222) and SSH (2233) on a Ubuntu server, to block all traffic except Cowrie and SSH, I have run the following commands:
iptables -A INPUT -p tcp --dport 2222 -j ACCEPT
iptables -...
0
votes
1
answer
1k
views
Cannot connect to home ubuntu server using public static IP address outside of LAN
Running ubuntu 22.04
I have a test express.js app running and I can connect to it via 192.168.1.6:3000 as local ip and also as (static public IP):3000 but only from devices connected to my WiFi.
As ...
1
vote
0
answers
3k
views
Your Outline Server was installed correctly, but we are not able to connect to it
I'm trying to config Outline VPN and
I bought a Droplet from Digitalocean with Ubuntu 22.
So, my server generated URI string correctly:
CONGRATULATIONS! Your Outline server is up and running.
To ...
0
votes
0
answers
62
views
Can't access Ubuntu Server with SSH after doing something with iptables
I'm trying to run a MC-Server on an Ubuntu Server (Oracle Cloud). I already port forwarded 25565 and 22 but still couldn't access the server. I found these commands on another tutorial, but when I ...
0
votes
0
answers
69
views
iptables/ ufw problem with getting emails
I have a very difficult problem that I can't seem to solve.
I have an Ubuntu Server 20.04.5 LTS set up as a firewall/ router, so it has two interfaces. One internet connected and the other lan ...
0
votes
1
answer
370
views
My Ubuntu Server Ports got locked
I just tried to join to my Jenkins on my VPS as usual. When I try to access the URL it returns the error code ERR_CONNECTION_TIMED_OUT. This happens as well with port 8080 for my website and other ...
1
vote
0
answers
582
views
DNS only works when I have a port 53 UDP outbound rule *AND INBOUND* rule
I'm locking down both inbound and outbound ports with
iptables -P INPUT DROP
iptables -P OUTPUT DROP
Then, I allow certain traffic to certain servers
SSH from my network to the server (inbound)
HTTP ...
0
votes
1
answer
686
views
Should I be concerned about this UFW blocked traffic?
I just installed ufw on a newly provisioned Ubuntu 22.04 Server. It is currently set up to deny all traffic except ssh on an alternate port.
I'm getting this pattern of blocked traffic:
Oct 6 10:09:...
1
vote
1
answer
88
views
DNATing DNS requests that aren't going to a particular server. iptables : No chain/target/match by that name
I have some chains that I create in iptables
iptables -N dns-requests
iptables -N wg0-filter
I then create a filter, to pass DNS traffic that are on Port 53.
iptables -A wg0-filter -p tcp --dport 53 -...
1
vote
0
answers
67
views
Link process to connections blocked by UFW
I have an UFW setup with by default all incoming and outgoing connections blocked, and allow only to/from a wireguard interface. All services are working, but in /var/log/ufw.log, there's repeated TCP ...
-1
votes
1
answer
140
views
How to read and alter packet info when forwarding
I have two laptops running Ubuntu (both 20.04.4 LTS x86_64) and I'm trying to use one as a router (let's call them laptop1 and laptop2, and laptop2 is acting as a router). So far I've used the ip route ...
0
votes
1
answer
1k
views
How can I get iptables to block YouTube packets?
I have a Raspberry Pi and use it as a router. I would like to construct a packet-filtered network, but I'm not sure how to achieve this.
What I did is like this:
sudo iptables -w -N YOUTUBE
sudo ...
0
votes
1
answer
406
views
IP - Tables NAT ens19 <> ens18
I am hoping someone good with IP tables can give me some pointers.
I am attempting a DNAT with 2 interfaces, Basically what I am trying to do is anything from one interface needs to be pushed to a ...
0
votes
1
answer
387
views
SMTP IP forwarding to another machine
Apologies if this is a silly mistake, this is the first time I've had to set up port forwarding. I have two machines. I have one machine set up as a DMZ (192.168.0.67) when all traffic inbound will hit ...
0
votes
1
answer
476
views
Translate iptables rule to UFW
I need to translate these rules:
iptables -A firewall -p udp --dest 239.250.0.0/16 -j ACCEPT
iptables -A firewall -p igmp --dest 239.250.0.0/16 -j ACCEPT
To UFW rules. Don't know how to set -A -dest -j....
0
votes
1
answer
728
views
UFW ALLOW rules not working and being ignored
We're setting up some zero trust environments and are needing to block all incoming and outgoing ports, except for allowing the office IP to go in (for administrative purposes), and port 80 and 443 to ...
0
votes
1
answer
516
views
How can I force all clients to use Squid Proxy server on hotspot
I have two wifi interfaces, one is inbuilt and another is a USB adapter. As research, I want to use hostapd to start a hotspot and give users IP addresses using dnsmasq. I used nftables following this ...
0
votes
1
answer
2k
views
How to forward traffic on various ports through a wireguard vpn using iptables/ufw
I have 2 machines running ubuntu 22.04, we will call them server and proxy. The proxy is a vps with an static public ip, and the server is running behind a nat. I want to route all traffic on some ...
0
votes
1
answer
277
views
Undoing iptables -F
How do I undo the iptables -F command on Ubuntu 22.04 LTS?
From iptables manual:
-F, --flush [chain]
Flush the selected chain (all the chains in the table if none is given). This is equivalent to ...
4
votes
1
answer
9k
views
22.04 - ufw/ip tables could not fetch rule set
I'm trying to get UFW up and running on a Raspberry Pi 4 running Ubuntu server 22.04. But I am at a loss.
# via SSH session:
~$ sudo ufw status
ERROR: problem running iptables: iptables v1.8.7 (...
1
vote
1
answer
4k
views
How To Permanently keep port 80 open On Ubuntu Server
I just installed Ubuntu Web Server and at the end of the install, it mentioned to me that I could go to IP address. Did that and got the great saying "can't connect". I figure port 80 didn't ...
0
votes
1
answer
2k
views
How do I install iptables-dev on Ubuntu 20.04 with apt?
I tried the following:
sudo apt install iptables-dev
But get this error
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package iptables-dev is not available, ...
5
votes
5
answers
15k
views
Ubuntu 22.04: docker: containers not accessible from outside
Having a fresh off the shelf Ubuntu 22.04 installation and installed docker according to the book.
I also spun up three containers using docker-compose and they show fine using docker ps.
CONTAINER ID ...
0
votes
1
answer
1k
views
Port 9000 Open in FW But Not Showing In NMAP
I am running an Ubuntu 20.0.4 LTS virtual server.
I need to be able to access http://localhost:9000/ from within the server for a service I am trying to run, but I keep getting 'Connection refused' ...
0
votes
1
answer
1k
views
Limit packet size with iptables
I need to make a packet size limit on all ports (tcp and udp) for incoming connections with iptables so that it does not exceed 1500 bytes. If this rule is violated, then the IP from which the packet ...
0
votes
1
answer
657
views
Ubuntu server 22.04 VM Openvpn connection issues
I'm currently working on a homelab project and built a home server using VMWare ESXI 7. On this Hypervisor I run two Ubuntu 22.04 server images, one for file sharing and one to serve as a VPN server.
...
0
votes
0
answers
130
views
How do I get ssh to start working?
I turned an unused laptop into an Ubuntu server and everything was working great. I connected to it through ssh on my Windows 10 computer and was able to set up and access Nextcloud to upload all my ...
0
votes
0
answers
173
views
IPTABLES doesn't drop packets on closed ports
So I've tried creating rules on iptables that block all packets on ports other than 21,22,27015 but floods/packets are able to reach and load my network from ports like 50 or 60.
Here's my list of ...
0
votes
0
answers
646
views
How to remove request limit in ufw / iptables
I have a flask script that handles incoming requests. There can be a lot of such requests in a short period of time, however, if I understand correctly, then initially the firewall has some kind of ...
2
votes
1
answer
2k
views
Can't get Chain "MASQUERADE" to work on WSL2 Kernel
I'm trying to build custom Kernel for my specific requirement where I need the chain MASQUERADE to be available. I'm using https://github.com/microsoft/WSL2-Linux-Kernel to build my kernel.
I've set ...
1
vote
0
answers
20
views
accepting request to connect on DB port only from a DNS
I'm trying to add an INPUT rule to my server so that only specific address can connect to my DB.
So far I tried this
iptables -A INPUT -p tcp -m string --string dnsname.com --algo bm --dport 5432 -j ...
0
votes
1
answer
34
views
Sending packets on a dead port then stopping when accepting
I have programmed iptables to protect my Ubuntu installation. I have SSH but I have put it on another port than 22 for brute-force attacks.
However this morning, a single ip tried to connect every 30s-...
1
vote
2
answers
1k
views
IPtables not restored
I installed iptables and iptables-persistent in order to save the rules and apply them after reboot, however whenever I try to restore or save I get these errors:
with sudo netfilter-persistent save : ...
0
votes
0
answers
83
views
Problem with port forwarding eth0 > ppp0
I am having a server with public IP (eth0 : IP: 1.2.3.4) and having in the same way a VPN connection (ppp0: 10.20.20.20), when I am doing telnet in the server:
root@vps:/# telnet 10.20.20.20 25
Trying ...
0
votes
0
answers
979
views
Not able to load iptables
I am trying to install iptables for UFW but having issues with it.
Here is how I am installing iptables:
agganu@agganuserver:~$ sudo apt-get install iptables
Reading package lists... Done
Building ...
0
votes
1
answer
5k
views
How to port forward my ubuntu 22.04 using iptables
Do you know how to give iptables rules to my machine in order to allow traffic from my public interfaces (wlp3s0) to my private interfaces (lo). Kinda with this topology: 192.168.1.1:80 => 127.0.0.1:...
0
votes
1
answer
76
views
I can't find my public interfaces
I need to port forward my Ubuntu 22.04 desktop, so I can establish remote shell between my home desktop and my portatil; which should be with this topology: ip public:8443 => ip private ip:8443. ...