All Questions

0 votes
3 answers
91 views

iptables not dropping udp port for exact ip address

My iptables rules are as follows: -P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT -N f2b -A INPUT -p tcp -m multiport --dports 80,443 -j f2b -A INPUT -d (my public facing ip)/32 -p udp -m udp --...
user9503
0 votes
1 answer
87 views

Block with firewall a dns request containing a certain query

For example, let's say that with iptables or nftables I want to allow certain traffic like the following: iptables -A OUTPUT -d 192.168.1.1 -p udp --dport 53 -j ACCEPT iptables -A INPUT -s 192.168.1.1 ...
user3450548
0 votes
0 answers
198 views

To allow IPsec NAT-T traffic to pass through, why does the firewall still need to permit ESP when it already allows UDP 4500?

I established an IPsec VPN tunnel between two Juniper SRX routers across NAT, with the NAT being performed by the firewall (a Linux server). When attempting to configure the firewall rules to allow ...
phoebe61g
0 votes
1 answer
83 views

routing traffic using iptables and l2tp

Internet restrictions in my country have essentially made it impossible for VPNs to work. As such, I wanted to circumvent this issue by using the following method. Although "residential" ...
Arian Noshirvani
0 votes
0 answers
28 views

Firewall incoming packets are dropped with VLAN configuration

On my Windows PC, I installed the scapy tool for sending packets from my system to a Raspberry Pi board connected to my machine using a VLAN. On my Raspberry Pi board, firewall rules are already configured and ...
Karma Yogi
1 vote
1 answer
241 views

IPTables rules and networking with problems 2

My plan is to have a computer that forwards all traffic from internal interface ens19 to openvpn-interface tun0. The system has 2 physical interfaces: ens18 for local network with Internet connection ...
kasper2083
1 vote
1 answer
367 views

Unable to open port on debian vps

Trying to open 51820 UDP, I do iptables -A INPUT -p udp --dport 51820 -j ACCEPT, then with iptables -L I can see ACCEPT udp -- anywhere anywhere udp dpt:51820, then I do /sbin/...
jotyhista
0 votes
0 answers
36 views

Iptable rules through two firewalls for an rdp connection

Suppose I have a network topology similar to the one above. If I wanted to RDP into a host on the private network from home, these are the iptables rules I have: Firewall 1: $IPT -t nat -A ...
someman112
-1 votes
1 answer
382 views

IPtables dropping packets I can't see with tcpdump and I don't know why?

My IPtables rules are blocking apt update for example: root@vpn:~# apt update Ign:1 https://pkgs.tailscale.com/stable/ubuntu jammy InRelease Ign:2 http://de.archive.ubuntu.com/ubuntu jammy InRelease ...
Hige Mynx
0 votes
1 answer
140 views

IPTables rules and networking with problems

I'm using a Fritzbox for the normal network and my own router installed on an rpi3 for a separate network with openvpn, dnsmasq and iptables. Over the last few years the setup worked well. You can find the ...
kasper2083
1 vote
0 answers
91 views

Reroute and tunnel udp connection to another server

I have been trying to establish a connection between a vps and a dedicated bare metal server for a month now. Basically, vps will act as a tunnel to connect to my dedicated server, I'm doing this to ...
Jhezreel Gellado
1 vote
1 answer
857 views

iptables - How do I restrict access to just local devices on the network?

I have a WireGuard VPN Server running on a Debian 12 host with no problems, listening on a specific UDP port, and all is working great with no issues. I can connect from my phone WireGuard client ...
espresso fan
1 vote
0 answers
373 views

Unable to traceroute but able to ping

I need to connect to my own server that runs Linux Mint. After installing Tailscale on both PCs (client and server) I can successfully ping the server from client, but I'm unable to traceroute it. ...
Zep
2 votes
2 answers
1k views

iptables drop all packets that do not come from two specific subnets

I want to drop all packets that do not come with a source IP in the subnets 11.2.4.0/24 and 11.2.3.0/24 I thought about doing something like so: iptables -A OUTPUT ! -s 11.2.4.0/24,11.2.3.0/24 -j DROP ...
chilliefiber
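The rule sketched in the question above does not do what its author hopes: iptables turns a comma-separated -s list into one rule per address (the man page documents this expansion for -A), and the "!" is applied to each expanded rule separately, so a packet from 11.2.4.7 passes the first rule and is dropped by the second. The script below is an added example, not part of the question or of any answer on this page. It simulates first-match evaluation of source-address rules offline, so the two rule sets can be compared without a real firewall; the rule-list format and the in_cidr/verdict helpers are constructed for this illustration, and the sample addresses are made up.

```bash
#!/usr/bin/env bash
# Added example: simulate iptables' first-match evaluation for source-address
# rules, to compare a negated comma-list rule with an allowlist-then-drop chain.
#
# Rule list format (constructed for this example, one rule per line):
#   "- CIDR TARGET"  matches packets whose source is inside CIDR
#   "! CIDR TARGET"  matches packets whose source is NOT inside CIDR

# Dotted-quad IPv4 address -> 32-bit integer.
ip2int() {
  local IFS=. a b c d
  read -r a b c d <<EOF
$1
EOF
  echo $(( (a << 24) | (b << 16) | (c << 8) | d ))
}

# in_cidr IP CIDR: succeed when IP is inside CIDR.
in_cidr() {
  local ip=$1 net=${2%/*} bits=${2#*/} mask
  mask=$(( bits == 0 ? 0 : (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
  [ $(( $(ip2int "$ip") & mask )) -eq $(( $(ip2int "$net") & mask )) ]
}

# verdict RULES SRC_IP: print the target of the first rule matching the source
# address, or POLICY when the chain falls through to its default policy.
verdict() {
  local rules=$1 ip=$2 neg cidr target
  while read -r neg cidr target; do
    [ -n "$cidr" ] || continue
    if [ "$neg" = "!" ]; then
      if ! in_cidr "$ip" "$cidr"; then echo "$target"; return; fi
    else
      if in_cidr "$ip" "$cidr"; then echo "$target"; return; fi
    fi
  done <<EOF
$rules
EOF
  echo POLICY
}

# What `iptables -A INPUT ! -s 11.2.4.0/24,11.2.3.0/24 -j DROP` installs:
# one negated rule per listed subnet. A source in 11.2.4.0/24 fails the
# second test, a source in 11.2.3.0/24 fails the first, so everything drops.
NAIVE_RULES='! 11.2.4.0/24 DROP
! 11.2.3.0/24 DROP'

# The working shape: one ACCEPT per allowed subnet, then a catch-all DROP.
ALLOWLIST_RULES='- 11.2.4.0/24 ACCEPT
- 11.2.3.0/24 ACCEPT
- 0.0.0.0/0 DROP'

# Constructed sample sources: two inside the allowed subnets, one outside.
for src in 11.2.4.7 11.2.3.1 10.9.9.9; do
  printf '%-10s naive=%-6s allowlist=%s\n' "$src" \
    "$(verdict "$NAIVE_RULES" "$src")" "$(verdict "$ALLOWLIST_RULES" "$src")"
done
```

On a real host the allowlist shape is iptables -A INPUT -s 11.2.4.0/24 -j ACCEPT, a second ACCEPT for 11.2.3.0/24, and then iptables -A INPUT -j DROP (or -P INPUT DROP); add them in that order, or insert with -I, so an SSH session from an allowed subnet is never cut off by the catch-all. If the list of permitted subnets is long or changes, an ipset of type hash:net with a single iptables -A INPUT -m set ! --match-set allowed src -j DROP gives the "not in any of these" semantics the comma list only appears to provide.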
4 votes
1 answer
1k views

nftables: How to stop further chain traversal after accept verdict

Context : https://wiki.nftables.org/wiki-nftables/index.php/Configuring_chains If a packet is accepted and there is another chain, bearing the same hook type and with a later priority, then the packet ...
tushars
1 vote
0 answers
138 views

Kali Linux takes way too long to load the GUI after entering the password? IPTABLES

After entering the password to login, it takes way too long to load the GUI. I think the issue is with the firewall: when I enable it the GUI takes way too long to load. More than a minute, if it's ...
Deadlooks
0 votes
1 answer
332 views

How to send back TCP packets using iptables

I am trying to demonstrate TCP communication with an Ubuntu 18.04 box (which mocks a QNX setup) that does not have a listener installed. Consider that due to some license issues it might not be ...
kingvittu
2 votes
2 answers
1k views

Change all rules in iptables when changing IP address

I have a network gateway system using iptables to allow/deny traffic to/from an internal network. I have to manually add and remove rules in iptables depending on the requirements of the entities in ...
Hans Petter Taugbøl Kragset
0 votes
1 answer
594 views

iptables ESTABLISHED,RELATED in combination with DNS rules

I'm reading Chapter 3 in "Cybersecurity for Small Networks" (Seth Enoka) and have added the following iptables rules in an Ubuntu 22.04.1 virtual machine: # Generated by iptables-save v1.8.7 ...
oliveoilmaven
0 votes
1 answer
3k views

IPTables issue allowing queries to DNS server

I've been given a task to create a DNS server for a subdomain with a delegated DNS zone. I did test the zone file and using the dig tool, I can confirm it is working when called for localhost and the ...
DoplhinGuerrero
0 votes
1 answer
534 views

How to setup firewall rules to allow whitelisted IP for communication over eth0

I have to set up firewall rules for my onboard network (for a list of devices connected via the eth0 interface) during boot-up of a Linux device. By default all communication over eth0 should be ...
user2520119
1 vote
0 answers
338 views

iptables forwarding stops working after suspending or rebooting

I am trying to forward packets received by a PC on port 16080 to port 3389 to another PC connected to it via Ethernet, where enp1s0 is the Ethernet interface and 10.42.0.66 is the IP of the connected ...
Enter Display Name Here
0 votes
0 answers
271 views

Should iptables block RST packets for a websocket connection?

I have the following setup for offloading SSL and running home assistant : Raspberry pi A (model 3, 10.0.0.21 below) is running apache2, NextCloud and iptables. Raspberry pi B (model 1, 10.0.0.69 ...
Rolf
1 vote
1 answer
717 views

Add a IP to another rule matching hex in iptables linux

iptables -t raw -A PREROUTING -p udp --dport 4578 -m string --hex-string '|fefffffffffffffffff77f12|' How can I whitelist the IP having the above hex string automatically in iptables? I'll be ...
ph3ro
0 votes
1 answer
409 views

Relay TCP upload traffic and make download traffic go directly to the client

This is a supplement to "iptables SNAT for UDP rule is only applied to some traffic". In fact, I have three machines: the client, the target server, the relay server. What's my motivation for doing this? ...
Peiyuan
0 votes
1 answer
2k views

iptables SNAT for UDP rule is only applied to some traffic

I want to use Source NAT to change the local IP address of UDP traffic. However, only locally-generated traffic has the NAT rule applied, replies to traffic generated from remote sources do not have ...
Peiyuan
0 votes
0 answers
388 views

Firewalld, opening all subnet for zone

Another question about firewalld. I need someone to explain this to me in simple words, because I have read countless posts and I don't know what's happening here. I've enabled the home zone in ...
Syco
1 vote
1 answer
90 views

port forwarding using iptables on centos7

I am using Centos7 on my physical server with a public address, and I have a guest machine running in a KVM environment with the private IP address 192.168.122.2. I need to install httpd on the guest machine and ...
Sami Joomla
0 votes
0 answers
303 views

How to add exceptions in matching subnet in iptables nat output chain?

I have a rule in my iptables config: -t nat -A OUTPUT -d 10.0.0.0/8 -j RETURN This rule prevents routing packets sent to 10.X.X.X addresses. But now I want to add an exception to this rule and allow ...
zenno2
0 votes
2 answers
1k views

Mitigating TCP reset style attacks

I appear to be a victim of TCP reset attacks with the purpose of preventing me from downloading specific data. I know this is the case at this stage. For the time being I am staying at a hotel and so ...
jkayes_