Questions tagged [iptables]

Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel.

0 votes
1 answer
24 views

How to match the --out-interface to the same --in-interface in iptables

The system has multiple interfaces: eth0, eth1, eth2, ... br0, br1, br2, ...etc. The following rule will allow packets from "br0" to "br0": iptables -A FORWARD -i br0 -o br0 -j ...
0 votes
0 answers
11 views

Forwarding https traffic from openvpn to internal server which has internet access

I am trying to achieve the following behaviour Client <--> openvpn at 1194 <--> internal server at port 8080 <--> internet I used iptables prerouting route on nat with DPORT 80 and ...
-2 votes
0 answers
35 views

Modules disappear after reboot

Dear friends something really strange is happening in my system. The ip_tables module did not seem to be installed so I proceeded to reinstall the kernel and all modules: sudo apt-get install linux-...
5 votes
3 answers
5k views

Restrict Deluge to tun0 only but allow Deluge Web UI over eth0

After many searches I have been able to restrict deluge network traffic to only the VPN interface tun0 using the following command: sudo iptables -A OUTPUT -m owner --uid-owner deluge \! -o tun0 -j ...
13 votes
3 answers
50k views

How to allow an IP (ipv6) address using ufw?

I'm using Ubuntu 16.04 LTS, and I want to block all connections except some IP addresses. I ran these commands ufw default allow outgoing ufw default deny incoming ufw allow ssh ufw enable ufw allow ...
3 votes
2 answers
7k views

How do I whitelist some connections by ip from being dropped by connlimit?

I'm using these rules in /etc/ufw/before.rules # Limit to 20 concurrent connections on port 80 per IP -A ufw-before-input -p tcp --syn --dport 80 -m connlimit --connlimit-above 20 -j DROP -A ufw-...
0 votes
2 answers
111 views

Portforwarding Port 22 ( for ssh ) over JioFiber Router not working ( port 22 is closed )

I am using a JioFiber Router ( Firmware version : SRCMTF1_JCOW414_R2.52.1 ) . The host that I want to expose to the internet has Ubuntu Server 24.04. Private IPs : Router ...
0 votes
0 answers
57 views

UFW not logging [UFW BLOCK] events when default is to allow incoming connections

I'm trying to get a message logged to /var/log/ufw.log when blocking packets. It's all working very well, until I change the default behaviour for incoming connections. I use ufw default allow ...
0 votes
0 answers
15 views

Shared connection unable to block ports

I am in need to test our connectivity of our device (specifically, how our device responds when unable to reach certain ports). So I am trying to control the ports, by sharing the internet connection ...
5 votes
5 answers
15k views

Ubuntu 22.04: docker: containers not accessible from outside

Having a fresh off the shelf Ubuntu 22.04 installation and installed docker according to the book. I also spun up three containers using docker-compose and they show fine using docker ps. CONTAINER ID ...
0 votes
0 answers
21 views

Route between two network interfaces (one with VPN, the other one served DHCP addresses)

I tried to find an answer to my question, but I've not found anything...If this has been asked and answered I'll be happy with a pointer. I have a server running Ubuntu 23.10 with two network ...
0 votes
0 answers
33 views

iptable-save command not showing any output

When I run the iptables-save command on Ubuntu 22.04.3 LTS and Ubuntu 20.04.4 LTS, it is not showing the default firewall chain rules. When I run this on other Linux distributions, for example CentOS or Red Hat, I am able to see ...
1 vote
1 answer
5k views

Completely remove ufw, delete all iptables chains and rules, for a fresh start with nftables firewall in Ubuntu MATE 19.04

Though I have gone through quite a few threads on AskUbuntu (1, 2, 3), and elsewhere, I'm a little confused on how to proceed. I'd like to completely remove ufw, delete all iptables chains and rules, ...
0 votes
0 answers
42 views

iptables: symbol lookup error: iptables: undefined symbol: xtables_announce_chain

Ubuntu 20.04. When running iptables -V, I encountered iptables: symbol lookup error: iptables: undefined symbol: xtables_announce_chain How to fix it? Thank you
0 votes
0 answers
30 views

Openvpn service running, not connecting to tunnel after changing iptables

I'm trying to make a kill switch for my pi to only allow traffic through the VPN. I made the changes below to iptables and disabled IPv6 in sysctl.conf. This is not my area of expertise so I'm hoping ...
0 votes
0 answers
16 views

Dual nic server with open client http port unreachable

I am setting up a poe switch connected to my ubuntu server 20.04. I am running an amd 5700 with some generic parts in a minipc that is being used as an nvr. I have an internet facing nic, eno1, where ...
0 votes
0 answers
56 views

XRDP stopped working

My Ubuntu Desktop 22.04.4 LTS lost its XRDP access and I'm unable to figure out how to solve it. XRDP service is running, no errors in XRDP logs. netstat -an | grep "LISTEN " | grep ":...
2 votes
2 answers
6k views

How to open port to outside world?

I have a remote server with an IP - 111.222.333.444 I want to run an http server on that machine, that runs on localhost:8000 How can I make requests to 111.222.333.444:6000 from outside, from my hope ...
0 votes
1 answer
11k views

Squid Proxy - The requested URL could not be retrieved

I'm trying to redirect all of my subnet traffic to a squid proxy using iptables on the router gateway (the squid proxy is located in the LAN). The redirection works (cache & access file respond ...
1 vote
2 answers
11k views

Can't connect to smtp.gmail.com on port 465 or 587

I have an Ubuntu 14.04 (Trusty Tahr) mounted on AWS and I cannot connect to the SMTP GMail service via: SSL(465): ## $ telnet smtp.gmail.com 465 ## Trying 74.125.28.109... Trying 74.125.28.108... ...
1 vote
2 answers
5k views

How to redirect/forward a port locally

I want to forward port 500 to port 2500 within the same host and the following was working on Lubuntu 16.04, but after rebooting and re-running iptables commands, I can't get it to work: iptables -t ...
1 vote
1 answer
6k views

How to allow a port to accept connection from all external ip addresses?

I have just started using Linux. My OS details are following. Distributor ID: Ubuntu Description: Ubuntu 18.04.3 LTS Release: 18.04 Codename: bionic I want to accept TCP connections ...
0 votes
0 answers
30 views

Unable to route traffic from home lab to internet

Good afternoon. I am running several devices in my HomeLab network, and that network connects to my home network through my Raspberry Pi (<-- my first Pi and it works really well). Connectivity ...
1 vote
0 answers
41 views

Unable connect via port knocking

I am trying to set up port knocking on my server to enhance security. I've configured my firewall rules to use port knocking, where I have to connect to specific ports in a specific sequence before ...
1 vote
1 answer
98 views

Permanent iptables redirect

I have an iptables command I run on Ubuntu 22.04.3 that forwards 443 to 8443. However I have to keep running it every reboot. sudo iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-...
0 votes
0 answers
27 views

Why does tor need icmp in outbound iptables?

I'm trying to block everything in outbound except tor with iptables. But without enabling icmp tor doesn't work, it's very strange since tor doesn't use icmp, as I understand it. That's what I'm using ...
1 vote
1 answer
8k views

How to install this kernel module to use IpTables in Ubuntu 19.04?

So, I am studying IpTables using Ubuntu 19.04 - kernel 5.0.0-32-generic. Following this tutorial https://www.youtube.com/watch?v=ldB8kDEtTZA, I have to load the following kernel modules: x_tables, ...
0 votes
0 answers
304 views

Ubuntu 22.04 rsyslog "& stop" not stopping?

I want to log iptables messages in a separate log file, and not in /var/log/syslog. I understand if you want to log something exclusively to a separate file, you make sure the syslog rules you want ...
0 votes
0 answers
111 views

Nginx configuration failure: iptables table does not exist

I tried to configure nginx on my Ubuntu system. During this process, I executed the command sudo ufw allow 'Nginx HTTP and I got an error: WARN: initcaps [Errno 2] iptables v1.8.7 (legacy): can't ...
0 votes
0 answers
3k views

"System has not been booted with systemd as init system (PID 1). Can't operate. Failed to connect to bus: Host is down" not WSL

When I install docker and try to run it, sudo systemctl start docker, it says it can't run as the title says.(Not WSL) So when I run it with the sudo service docker start command, it turns off again ...
2 votes
4 answers
5k views

Adding VPN exception (allow protocol) to UFW firewall rules?

I'm having trouble at work in connecting to the work VPN while Firewall (UFW) is active. When I disable it "sudo ufw disable", there are no problems. When it's on, when trying to connect I receive ...
0 votes
0 answers
294 views

Source address in iptables Masquerade/NAT

I'm trying to install OpenVpn on a remote Ubuntu 20 server and am following this tut. I'm able to step through it but cannot determine where this source address is in its example: $ sudo iptables -t ...
0 votes
1 answer
80 views

ufw won't put custom rule in the correct place at reboot

My general issue is that I lose contact with my Ubuntu 23.10 on ssh once I close my ports using knockd. I would like for it to maintain existing connections. I have a custom rule > iptables -I ...
0 votes
0 answers
35 views

How to enable communication between 'software' netplan configured vlans

I have searched far and wide, so if it looks like I have no idea what I'm doing, that is because it is a correct assumption. Usually we do this ourselves with our MikroTik router setup. We have a ...
0 votes
1 answer
6k views

Link-local 169.254.x.x address assigned at boot despite static IP on 20.04 LTS [closed]

I have been struggling to setup my Ubuntu machine as a simple 2-NICs router with NAT, trying to stick to most recent recommended methods, namely netplan for the NICs and ufw for firewall and for ...
1 vote
0 answers
135 views

Clients got IP-addresses from DHCP but can't reach Internet

I'm trying to build home router from device with two ethernet ports (enp2s0 and enp3s0) and WiFI (wlo2), based on Ubuntu Server 22. Everything is set, clients can connect via wifi to the router (it's ...
2 votes
1 answer
21k views

SSH port 22: Connection refused

I'm using Lubuntu 17.04, I tried to copy a file using "scp" remotely through ssh but logged in the host computer, not local. After that when I try to login via ssh I get this error "...
0 votes
2 answers
1k views

Route traffic on different ports through different network interfaces

My situation is this: I’m setting up a server running at home (Ubuntu Desktop 22.04.3 LTS) to run an email server and a few other online services. As we all know, for my email to work reliably and not ...
3 votes
3 answers
316 views

Having issues locking down public server with iptables

I'm rather new to Ubuntu. I'm trying to lock it down to where I have complete access to it from my ip address and everyone else only has access to port 80 and 443. To better understand it, I put my ...
2 votes
2 answers
17k views

Fatal: can't open lock file /run/xtables.lock: Permission denied

I have just subscribed for a VPN service and while I did notice that at times the connection drops, I looked around for ways to setup a kill-switch in Ubuntu. I did follow the instructions at https://...
0 votes
0 answers
47 views

Checking this network connection (port forwarding)

I have the below setup, I want to be able to reach the device (192.168.2.180 eth) from my desktop (192.168.1.3 wifi) I have a linux server in the middle (192.168.1.111 WIFI), (192.168.2.22 Eth) ...
0 votes
0 answers
128 views

Still getting [UFW BLOCK], which rules apply?

I still get a message UFW BLOCKED: Dec 22 05:12:41 ge-domoticz kernel: [5324365.003868] [UFW BLOCK] IN=eth0 OUT= MAC=b8:27:eb:a1:7b:8b:38:1f:8d:e9:e4:9f:08:00:45:00:00:28:92:8c:00:00:ff:06:2f:d4 SRC=...
0 votes
1 answer
257 views

Port Forward for LAN

I bought a server and have Ubuntu 22.04 installed. When I run various Github projects like Text Generation Webui, Automatic1111 Stable Diffusion, etc., how do I forward the port to access it from my ...
81 votes
5 answers
374k views

Where can I find the iptables log file, and how can I change its location?

I have this rule in my iptables: iptables -A INPUT -s 192.168.11.0/24 -j LOG My question is: Where is the iptables log file, and how can I change that?
27 votes
5 answers
29k views

iptables resets when server reboots

Every time my server reboots it seems I have to reset my iptables to default, I used to use firestarter but removed it a while ago. Are there any settings that are making iptables change when the server ...
3 votes
2 answers
1k views

Can someone explain interactions between iptables, nftables and bpf?

I'm on Ubuntu 20.10 trying to do some routing config for my virtual network, and I'm confused about the interactions between the 3 main types of firewall technology used in modern Linux distros, ...
0 votes
1 answer
363 views

Can not block torrent traffic in my Ubuntu 22.04 vps

I have an Ubuntu 22.04 VPS on which I want to block all torrent traffic. I tried iptables with these commands: iptables -I FORWARD -m string --algo bm --string "BitTorrent" -j DROP iptables ...
0 votes
0 answers
300 views

Logging iptables Ubuntu 22.04

I used this configuration for my server: iptables -F iptables -A INPUT -j ACCEPT iptables -A OUTPUT -j ACCEPT iptables -A FORWARD -j ACCEPT iptables -A INPUT -j LOG iptables -A OUTPUT -j LOG iptables -...
0 votes
0 answers
348 views

Ubuntu 22.04 iptables command not working

I posted this same question in another SE forum, later felt this forum is more appropriate considering the Linux Distro I am dealing with. Totally new to netfilter thing, currently am running an ...
0 votes
0 answers
100 views

How to simulate a NAT network in Ubuntu host with iptables and iproute2?

I want to simulate NAT network mode of virtual machines without using any vm-specific tools. The detailed goals are the following: The VMs have internal network IP 10.8.20.0/24 The physical nic eno1 ...
