Questions tagged [iptables]
iptables allows the creation of rules that define packet filtering behavior. The most reliable way to provide an iptables ruleset in a question is with the output of (as root): iptables-save -c
2,674
questions
0
votes
0
answers
17
views
RULE_APPEND failed (Too many links)
I'm trying to apply the policy I got by running iptables-legacy-save using iptables-nft-restore. When I do this, I get this error. When I search for this error, all I can find is a paywalled Red Hat ...
-1
votes
0
answers
117
views
How to set up public Linux station safely?
On a Linux cloud machine, I want to set up a learning station for beginners (pubnix/pubunix).
How can I block all internet except for incoming SSH (ssh user@cloudmachine) and except for SSH local port ...
0
votes
1
answer
48
views
iptables: NAT bridge traffic
Background
I have a Linux machine with bridge interfaces as shown below...
---{prenat}--> ---{postnat}-->
source: 172.25.0.3 source: 192.0.2.1
+---------------...
0
votes
0
answers
39
views
Strongswan - Communication doesn't work between hosts
I have created a site-to-site IPsec tunnel between my two branches. The tunnel is up and running and I can ping both routers bidirectionally; the problem is that I can't do any type of communications (...
0
votes
1
answer
10
views
Inquiry on how to set up the bypass function through 2 LAN ports in a PC
I have 2 LAN ports on the server (eth0, eth1). I want to export the packet that came from eth0 to eth1. Additionally, I want to make it work in the opposite direction at the same time.
Is it possible?
0
votes
1
answer
23
views
Limiting a process to only allowed to use specified network interface
I have a binary program named wstunnel.
That program has no option to specify outgoing traffic. By default it will use ens3. I expect the program will use warp interface.
I'm not sure iptables can solve ...
0
votes
0
answers
22
views
Why aren't the rules inserted into my chain?
I create a chain and immediately want to add rules there, but for some reason they are not added. When the iptables -L <chain-name> chain is output, only its empty body and a list of links to it ...
-4
votes
1
answer
62
views
How to takeover forwarded tcp streams in Linux? [closed]
I have some TCP streams which are only going over my linux box. In theory, it only packet forwards them. Now some new idea happened on which now I think, it would be much better to also alter their ...
1
vote
0
answers
44
views
NAT router with private IP towards ISP and public IP on the second interface, localhost traffic problem
I need help with the following network and router. Under emergency conditions, I received the following network. The router (Ubuntu) has two interfaces and a DNS function. The private address on the ...
0
votes
0
answers
20
views
How to enable NAT loopback/hairpinning with iptables on router?
I have a HG659b router, and have got shell access to the router, so I can configure the iptables.
In the web page, I have configured a port forwarding setup to forward port 37777 to the host 192.168.1....
0
votes
0
answers
16
views
Ubuntu "Shared connection" unable to block ports
I need to test the connectivity of our device (specifically, how our device responds when unable to reach certain ports).
So I am trying to control the ports, by sharing the internet connection ...
1
vote
1
answer
42
views
RHEL 8 IP/Kernel Routing Multi-Homed Server Issue - Cannot get a response to ping, when trying to ping from 2nd Interface
Set up/configuration:
I have a RHEL 8 server, running Asterisk 15.x, that has 2 NICs. NMCLI is used for networking.
NIC0 (eno5np0) is on the trusted network and is configured as a static IPv4 and NIC1 (...
2
votes
1
answer
16
views
Limit access of SSH user to applications iptables and ip6tables
I'm using Ubuntu 22.04 and want to log in with an SSH user that only has access to iptables and ip6tables. So the user should log in and can only input, delete and update iptables and ip6tables, nothing ...
0
votes
0
answers
42
views
Firewalld (nftables) SNAT problem
So my setup is the following:
A:
PrivIP: 172.16.1.1
PublicIP: 212.1.2.3
B:
PrivIP: 10.123.0.1 (Interface: dummyip, don't ask why I named it like that)
PublicIP: 213.1.2.3 (Interface: eth0)
They both are ...
0
votes
2
answers
100
views
Forwarding TCP and UDP packets on all ports to another IP on a second network interface?
I have an Ubuntu machine at IP 192.168.3.1. Another machine is connected to it at a fixed IP of 192.168.3.2. This machine is also connected to a router over usb0 which has shared the IP 172.30.220.17 to ...