All Questions
37 questions
0 votes, 0 answers, 103 views
Linux netfilter: How to capture, modify and retransmit packets that my host is sending to a specific destination?
I am trying to write a Linux service that captures the packets that go from my personal server to a specific destination and performs necessary changes to them. More specifically, I want to find all ...
0 votes, 0 answers, 72 views
Linux 6.5 netfilter NAT reuses TCP ports in TIME_WAIT status?
In my understanding, Linux (netfilter)'s NAT doesn't reuse TCP ports in TIME_WAIT status, but seemingly Linux >= 6.5 reuses TCP ports in TIME_WAIT, even if the destination is the same.
For example, ...
5 votes, 1 answer, 810 views
Iptables Fail to block inbound from specific ip
Hi, I have an online server which I use like a gateway, and iptables is acting weird
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i ...
0 votes, 1 answer, 332 views
How to send back TCP packets using iptables
I am trying to demonstrate TCP communication with an Ubuntu 18.04 box (which mocks a QNX setup) that does not have a listener installed. Consider that due to some license issues it might not be ...
0 votes, 1 answer, 82 views
What is the correct way of shortening this NAT-based multiple ports?
Can these rules be shortened to a single line:
post-up iptables -t nat -A PREROUTING -i vmbr0 -p tcp --dport 3050 -j DNAT --to-destination 192.168.1.3:3050
post-up iptables -t nat -A PREROUTING -i vmbr0 -p ...
0 votes, 1 answer, 1k views
Where is the iptables MARK location in TCP package?
In my CentOS7 server, I emptied all the iptables rules, and then added the rule below:
iptables -t mangle -N DIVERT
iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT
iptables -t mangle -A ...
0 votes, 2 answers, 1k views
What are the corresponding TCP states for states in iptables? (NEW and ESTABLISHED)
The iptables manual says
ESTABLISHED meaning that the packet is associated with a connection which has seen packets in both directions, NEW meaning that the packet has started a new connection, or ...
0 votes, 1 answer, 409 views
Relay TCP upload traffic and make download traffic go directly to the client
This is a supplement for iptables SNAT for UDP rule is only applied to some traffic
In fact, I have three machines:
the client
the target server
the relay server
What's my motivation for doing this?
...
0 votes, 1 answer, 987 views
Meaning of IPTABLE duplicate values
I'm new to IPTABLES and when I execute the following command
/sbin/iptables --list -n | grep 16381
I could see multiple entries as shown below:
ACCEPT tcp -- a.b.c.d 0.0.0.0/0 ...
0 votes, 0 answers, 129 views
Returning tcp/udp packets to sender
I'm using a Linux machine with WiFi hotspot to test the WiFi stack of an embedded device. For context, the embedded device is designed to send and receive encrypted packets to/from a remote server.
To ...
0 votes, 0 answers, 228 views
How to allow only 100 half open SYN connections
I'm running Ubuntu and want to allow only 100 waiting SYN connections at a given time,
and drop the rest.
How can I configure iptables to implement this rule?
Or sysctl config to allow only 100, and ...
-3 votes, 1 answer, 83 views
Why do my IPTables changes not deny access from all IP addresses except CloudFlare’s ranges?
I am running Apache on Ubuntu 18.04. I used iptables to deny access from all IP addresses except CloudFlare’s ranges, and when I run iptables -L --line-number I get
1 ACCEPT tcp -- 131.0.72.0/22 anywhere ...
0 votes, 1 answer, 3k views
Convert Received TCP packets to UDP and forward those packet
I have a service that listens on a TCP port and communicates with a peripheral. I'd like to forward the packets received by the service through UDP to another computer. I don't need handshake with ...
0 votes, 0 answers, 272 views
log tcp contakting connection with nftables
I want to log TCP contracting Connexion using nftables (iptables)
I tried to write TCP flags in the rule, but when I access the webpage of the destination IP address I get just this info in my logfile:
...
0 votes, 2 answers, 280 views
If I disable iptables it's working. Which rule is making my websites time out?
I have a VPS with nginx but no website is working and a timeout is sent. When I disable iptables everything is fine. But no idea which rule/s is causing the problem. Any help?
$ sudo iptables -S
-P INPUT ...