All Questions (166 questions)
1 vote, 2 answers, 8k views
how to restore iptables after iptables -F?
I used iptables -F on my machine; what can I do to restore iptables to the default without rebooting my machine?
I restarted the iptables service and it failed, and I can't find iptables ...
2 votes, 2 answers, 1k views
iptables drop all packets that do not come from two specific subnets
I want to drop all packets that do not come with a source IP in the subnets 11.2.4.0/24 and 11.2.3.0/24
I thought about doing something like so:
iptables -A OUTPUT ! -s 11.2.4.0/24,11.2.3.0/24 -j DROP
...
11 votes, 2 answers, 16k views
Ubuntu IPTables: allow only 1 country
So I've been looking around on the net for a script that will drop all traffic to all ports except the http(80) and https(443) ports, and then only allow traffic on all other ports from country x (...
0 votes, 3 answers, 95 views
iptables not dropping udp port for exact ip address
My iptables rules are as follows:
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N f2b
-A INPUT -p tcp -m multiport --dports 80,443 -j f2b
-A INPUT -d (my public facing ip)/32 -p udp -m udp --...
0 votes, 2 answers, 1k views
Mitigating TCP reset style attacks
I appear to be a victim of TCP reset attacks with the purpose of preventing me from downloading specific data. I know this is the case at this stage.
For the time being I am staying at a hotel and so ...
0 votes, 1 answer, 91 views
Block with firewall a dns request containing a certain query
Example
let's say I'm with iptables or nftables
I want to allow a certain traffic like the following one:
iptables -A OUTPUT -d 192.168.1.1 -p udp --dport 53 -j ACCEPT
iptables -A INPUT -s 192.168.1.1 ...
0 votes, 0 answers, 214 views
To allow IPsec NAT-T traffic to pass through, why does the firewall still need to permit ESP when it already allows UDP 4500?
I established an IPsec VPN tunnel between two Juniper SRX routers across NAT, with the NAT being performed by the firewall (a Linux server). When attempting to configure the firewall rules to allow ...
0 votes, 1 answer, 5k views
iptables snat does not change source IP
I am on ubuntu (with IP 10.0.0.1) trying to snat packets going out from port 9090. I want to change the source IP to 10.0.0.2
I have added the following rule through iptables:
# iptables -t nat -A ...
0 votes, 1 answer, 88 views
routing traffic using iptables and l2tp
Internet restrictions in my country have essentially made it impossible for VPNs to work.
As such, I wanted to circumvent this issue by using the following method.
Although "residential" ...
1 vote, 3 answers, 5k views
iptables SNAT/DNAT explain behaviour
I am new to iptables and I want to understand how iptables nat works.
I have a linux machine with an lxc container.
The machine network configuration is as follows: eth0 interface which connects ...
0 votes, 0 answers, 28 views
Firewall incoming packets are dropped with VLAN configuration
On my Windows PC, I installed the scapy tool for sending packets from my system to a Raspberry Pi board connected to my machine using VLAN.
On my Raspberry Pi board, firewall rules are already configured and ...
1 vote, 1 answer, 244 views
IPTables rules and networking with problems 2
My plan is to have a computer that forwards all traffic from internal interface ens19 to openvpn-interface tun0. The system has 2 physical interfaces: ens18 for local network with Internet connection ...
1 vote, 1 answer, 380 views
Unable to open port on debian vps
Trying to open 51820 UDP
I do
iptables -A INPUT -p udp --dport 51820 -j ACCEPT
then iptables -L
I can see
ACCEPT udp -- anywhere anywhere udp dpt:51820
then I do
/sbin/...
0 votes, 0 answers, 36 views
Iptables rules through two firewalls for an RDP connection
Suppose I have a network topology similar to the one above; if I wanted to RDP into a host on the private network from home, these are the iptables rules I have:
Firewall 1:
$IPT -t nat -A ...
-1 votes, 1 answer, 404 views
IPtables dropping packets I can't see with tcpdump and I don't know why?
My IPtables rules are blocking apt update for example:
root@vpn:~# apt update
Ign:1 https://pkgs.tailscale.com/stable/ubuntu jammy InRelease
Ign:2 http://de.archive.ubuntu.com/ubuntu jammy InRelease
...
0 votes, 1 answer, 141 views
IPTables rules and networking with problems
I'm using a Fritzbox for the normal network and a self-installed router on an rpi3 for a separate network with openvpn, dnsmasq and iptables. Over the last few years the setup worked well. You can find the ...
2 votes, 2 answers, 3k views
configure iptables to block all(as much as possible) bittorrent traffic
good day all
This is my current iptables setup
# Generated by iptables-save v1.4.7 on Wed Apr 9 13:50:31 2014
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:LOGDROP - [0:0]
-...
1 vote, 0 answers, 91 views
Reroute and tunnel udp connection to another server
I have been trying to establish a connection between a vps and a dedicated bare metal server for a month now. Basically, vps will act as a tunnel to connect to my dedicated server, I'm doing this to ...
1 vote, 1 answer, 881 views
iptables - How do I restrict access to just local devices on the network?
I have a WireGuard VPN Server running on a Debian 12 host with no problems, listening on a specific UDP port, and all is working great with no issues. I can connect from my phone WireGuard client ...
1 vote, 0 answers, 378 views
Unable to traceroute but able to ping
I need to connect to my own server that runs Linux Mint.
After installing Tailscale on both PCs (client and server) I can successfully ping the server from client, but I'm unable to traceroute it.
...
4 votes, 1 answer, 2k views
nftables: How to stop further chain traversal after accept verdict
Context : https://wiki.nftables.org/wiki-nftables/index.php/Configuring_chains
If a packet is accepted and there is another chain, bearing the same hook type and with a later priority, then the packet ...
1 vote, 0 answers, 144 views
Kali Linux takes way too long to load the GUI after entering the password? IPTABLES
After entering the password to log in, it takes way too long to load the GUI.
I think the issue is with the firewall: when I enable it, the GUI takes way too long to load. More than a minute, if it's ...
0 votes, 1 answer, 336 views
How to send back TCP packets using iptables
I am trying to demonstrate TCP communication with an Ubuntu 18.04 box (which mocks a QNX setup) that does not have a listener installed. Consider that due to some license issues it might not be ...
0 votes, 2 answers, 5k views
limit max UDP bandwidth per IP using iptables?
I'm using a VPS to host a VPN for DDoS protection, but I've been wanting to find a way to rate-limit UDP traffic per IP to prevent UDP floods. I'm looking for something to only allow X MBPS of traffic ...
2 votes, 2 answers, 1k views
Change all rules in iptables when changing IP address
I have a network gateway system using iptables to allow/deny traffic to/from an internal network. I have to manually add and remove rules in iptables depending on the requirements of the entities in ...
0 votes, 1 answer, 601 views
iptables ESTABLISHED,RELATED in combination with DNS rules
I'm reading Chapter 3 in "Cybersecurity for Small Networks" (Seth Enoka) and have added the following iptables rules in an Ubuntu 22.04.1 virtual machine:
# Generated by iptables-save v1.8.7 ...
4 votes, 3 answers, 1k views
Is this firewall completely secure?
I'd like to know if there are any holes/flaws in this firewall setup. I want to lock down the server as much as possible so it is impossible to hack into. The only services running are openvpn and ssh. ...
0 votes, 1 answer, 3k views
IPTables issue allowing queries to DNS server
I've been given a task to create a DNS server for a subdomain with a delegated DNS zone. I did test the zone file and using the dig tool, I can confirm it is working when called for localhost and the ...
0 votes, 1 answer, 547 views
How to setup firewall rules to allow whitelisted IP for communication over eth0
I have to set up firewall rules for my onboard network (for the list of devices which are connected via the eth0 interface) during boot-up of the Linux device.
By default all communication over eth0 should be ...
1 vote, 0 answers, 342 views
iptables forwarding stops working after suspending or rebooting
I am trying to forward packets received by a PC on port 16080 to port 3389 to another PC connected to it via Ethernet, where enp1s0 is the Ethernet interface and 10.42.0.66 is the IP of the connected ...
0 votes, 0 answers, 271 views
Should iptables block RST packets for a websocket connection?
I have the following setup for offloading SSL and running home assistant :
Raspberry pi A (model 3, 10.0.0.21 below) is running apache2, NextCloud and iptables.
Raspberry pi B (model 1, 10.0.0.69 ...
1 vote, 1 answer, 723 views
Add an IP to another rule matching hex in iptables linux
iptables -t raw -A PREROUTING -p udp --dport 4578 -m string --hex-string '|fefffffffffffffffff77f12|'
How can I whitelist the IP having the above hex string automatically in iptables?
I'll be ...
1 vote, 2 answers, 757 views
iptables SNAT target and TCP ACK packets
I need to establish a TCP connection where the client is spoofing its IP for all outgoing traffic. My first attempt was to add a rule to the POSTROUTING chain like so:
iptables -t nat -A POSTROUTING -...
0 votes, 1 answer, 413 views
Relay TCP upload traffic and make download traffic go directly to the client
This is a supplement for iptables SNAT for UDP rule is only applied to some traffic
In fact, I have three machines:
the client
the target server
the relay server
What's my motivation for doing this?
...
0 votes, 1 answer, 2k views
iptables SNAT for UDP rule is only applied to some traffic
I want to use Source NAT to change the local IP address of UDP traffic. However, only locally-generated traffic has the NAT rule applied, replies to traffic generated from remote sources do not have ...
13 votes, 2 answers, 3k views
Allow traffic through a firewall to a dynamic IPv6 address
Suppose I have this configuration on IPv4 right now:
My router (a Linux box) is connected to the Internet on eth0 and my LAN on eth1. I want to forward port 80 to 10.1.2.3. Here's how I'd currently ...
0 votes, 0 answers, 398 views
Firewalld, opening all subnet for zone
Another question about firewalld, I need someone to explain this to me in simple words, because I read countless posts and I don't know what's happening here.
I've enabled the home zone in ...
1 vote, 1 answer, 90 views
port forwarding using iptables on centos7
I am using Centos7 on my physical server with a public address, and I have a guest machine running in a KVM environment with the private IP address 192.168.122.2. I need to install httpd in the guest machine and ...
0 votes, 0 answers, 306 views
How to add exceptions in matching subnet in iptables nat output chain?
I have a rule in my iptables config:
-t nat -A OUTPUT -d 10.0.0.0/8 -j RETURN
This rule prevents packets sent to a 10.X.X.X address from being routed.
But now I want to add an exception to this rule and allow ...
0 votes, 1 answer, 934 views
Correctly redirect traffic from 80/443 to NodePort exposed Traefik 30080/30443 on Kubernetes using iptables
In a Kubernetes setting, Traefik is deployed as follows using HelmRelease:
apiVersion: helm.fluxcd.io/v1
kind: HelmRelease
metadata:
  name: traefik-default
  namespace: kube-system
spec:
  chart:
    ...
0 votes, 1 answer, 1k views
Iptables command analog in Windows
iptables -I FORWARD -s 192.168.1.100 -p udp --dport 27000:27200 --match string --algo kmp --string 76561198923445525 -j ACCEPT
I need a simple analog of that working command within the Windows OS, for ...
-3 votes, 1 answer, 83 views
Why do my IPTables changes not deny access from all IP addresses except CloudFlare's ranges?
I am running apache on ubuntu 18.04. I used IPtables to deny access from all IP addresses except CloudFlare's ranges, and when I run iptables -L --line-number I get
1 ACCEPT tcp -- 131.0.72.0/22 anywhere ...
4 votes, 1 answer, 8k views
How can I do DNAT and SNAT on Windows 7?
I have a very old program which uses a fixed IP address as destination. I'm trying to revamp my network into something more modern but this legacy system is holding me back.
As a simple solution, I ...
2 votes, 1 answer, 9k views
RULE_APPEND failed (iptables)
I'm working on an assignment in which I have to create some custom firewall rules on a Debian router. I'm using iptables to create the rules. Here's the thing, whenever I try to add this rule: ...
8 votes, 2 answers, 9k views
Deleting an IP from blacklist iptables
I created a blacklist using ipset and iptables called "blacklist"; now I would like to know how I edit "blacklist" to remove or add IPs.
Anyone knows?
1 vote, 2 answers, 7k views
UDP packet and firewall
I notice when I send udp packets from computer A to computer B,
B can receive the udp packets correctly
but if I send udp packets from computer B to computer A
the udp packets are not received
A and ...
2 votes, 1 answer, 11k views
Block ARP requests (or broadcast message, if possible) from A SPECIFIC HOST in a subnet
My ISP provides a username-password for authentication and also registers the client's MAC address for authentication.
I am concerned about someone misusing my connection while I am not using it. ...
1 vote, 1 answer, 775 views
iptables logging how to increase max log prefix?
I have many iptables rules that will log offending packets. My logs go to /var/log/iptables.log but the logs appear in 24-hour time: Mar 13 00:13:55 kernel: DROPPED Attempted ping, I would like them ...
2 votes, 1 answer, 5k views
Blacklisting port-scanner via iptables
I operate a VPN server and am having issues with DDoS attackers port-scanning my VPN for open ports to flood. I need a rule that will blacklist them after they have contacted X ports in Y seconds, so ...
0 votes, 1 answer, 2k views
Filter a packet marked with Iptables
I have a straightforward scenario where a Workstation is connected to a Gateway (simulating a FW) and that Gateway gives access to the Internet. So, just to clarify, the gateway has two interfaces, ...