All Questions
584 questions
1 vote, 0 answers, 35 views
Forcing OpenVPN process to run with a specific group using nmcli
I am struggling with this script of mine that should prepare a secure VPN connection with VPN kill switch and I need some help.
What I am trying to do (in general):
My goal is to set up a very strict ...
-1 votes, 0 answers, 121 views
How to set up public Linux station safely?
On a Linux cloud machine, I want to set up a learning station for beginners (pubnix/pubunix).
How can I block all internet except for incoming SSH (ssh user@cloudmachine) and except for SSH local port ...
-4 votes, 1 answer, 64 views
How to takeover forwarded tcp streams in Linux? [closed]
I have some TCP streams which are only going over my Linux box. In theory, it only packet forwards them. Now some new idea happened on which now I think, it would be much better to also alter their ...
0 votes, 1 answer, 23 views
DD-WRT as a proxy client
I want to use a router in a network with a proxy. Without the router, everything works if you open the proxy settings in Windows and enter the address and port. No additional actions are required. I ...
0 votes, 1 answer, 128 views
How are source ports chosen for iptables SNAT targets?
By default the SNAT target keeps the source port of the original packet. If that port is already in use, it chooses one at random. Is there any way to influence the choice of this port or gauge the ...
0 votes, 1 answer, 87 views
iptables duplicate port traffic
I want to clone/duplicate all UDP traffic incoming on port 8500 to port 8600. It is important that the source address is not modified. Also both ports must be accessible by applications (the packets ...
2 votes, 1 answer, 83 views
Tracing iptables Rules
I'm just beginning to dig into iptables for the first time today, so apologies for any naivete.
For reference, I'm using
Ubuntu 22.04.4 LTS (Jammy Jellyfish)
iptables v1.8.7 (nf_tables)
ufw 0.36.1
...
0 votes, 0 answers, 42 views
Flow of marked packets in Linux network stack
Summary:
My question is regarding the flow of marked packets in the network stack.
Here is what I have done:
I have marked packets in the mangle table using the OUTPUT chain.
I have also added a tun ...
0 votes, 1 answer, 42 views
Route all TCP traffic from port to another host:port
I have a WireGuard config, creating a VPN between a remote server (10.0.1.1) and my local machine (10.0.1.2), so that the server can reach the local machine and vice versa.
I'd like the server to ...
0 votes, 0 answers, 60 views
Docker container traffic through host iptables tproxy
Problem
Docker container network does not go through the host TPROXY-configured tunnel.
Setup
I have a TPROXY-supported proxy server running on my machine (listening on 127.0.0.1:8080). I configured ...
1 vote, 1 answer, 38 views
Route all traffic via VPN except SSH (for using an SSH tunnel)
Hi, I need to create the following configuration:
I have a VM where I've set up a PPTP connection
pty "pptp x.x.x.x --nolaunchpppd"
name username
password password
remotename PPTP
require-...
0 votes, 0 answers, 167 views
Is it possible to prevent rsyslog messages going to systemd-journal log and how?
I have an iptables rule that is logging some of my network activities into a log file using the jump LOG rule.
I filter the events to go to a specific file using the following rsyslog configuration ...
0 votes, 0 answers, 51 views
How to forward traffic to another server ad hoc
I have a webservice that is hosted on a server A. It is accessible via the internet. There is a public IP that is assigned to A.
In case of maintenance (of the webservice!) I would like to forward ...
0 votes, 0 answers, 62 views
Firewall rules block DNS from working
I've set up firewall rules on my server, which are generally working well. However, there's an issue: my server can't ping any website. It seems to be a DNS problem that arises when these rules are ...
0 votes, 1 answer, 79 views
Blocking all ports but a few in iptables
I am attempting to DROP all ports but one in iptables.
After running the following commands:
iptables -N WHITELIST
iptables -A INPUT --jump WHITELIST
iptables -A WHITELIST --protocol tcp --match tcp --...