All Questions
51
questions
0
votes
0
answers
32
views
How to Log Each Outbound TCP Connection
At my company we have a set of 3 identical VMs. These VMs house an app that "sends messages". The app sends each message by making a TCP connection out to one of two fixed IP addresses (...
- 1
0
votes
0
answers
42
views
simulate differente Src IP (spoofing) for testing geoip filtering
I would like to simulate different ips for testing traffic filtering according to the ip origin.
I did some tests using iptables and 2 containers simulating node1 and node2 using a bridge network.
...
0
votes
0
answers
66
views
How can I redirect traffic for a specific user to connect to another server?
what I intend to do is transfer the traffic of just a specific user to another server (IP). with the commands below it will work very well to transfer only the traffic from the entire server, which ...
- 1
0
votes
0
answers
371
views
Problem using Iptables for filtering traffic on a network interface which is a bridge port, on a specific tcp port
I am using iptables as firewall to filter traffic. I want to block traffic on a network interface on a certain tcp port (I'm testing on port 22). The network interface is a bridge port, so I'm using ...
- 1
0
votes
1
answer
749
views
Disable port 8910 and then again enable when required in my linux based server
As you see below jsvc.exe is running on 8910 with PID 23943.
[root@abc-163 ~]# netstat -tulpn | grep :8910
tcp6 0 0 :::8910 :::* LISTEN 23943/jsvc....
- 111
0
votes
2
answers
264
views
how to disable tcp_resets_received from netdata
I'm receiving TCP reset emails from netdata, how would I disable the resets from happening on my linux GCP Instance?
Linux: 20.04
Provider: GCP
I've tried doing this but it doesnt seem to be working.
...
- 147
6
votes
2
answers
6k
views
Limit the duration of a TCP connection with iptables?
Is it possible to limit the maximum duration of a TCP connection with iptables?
With iptables I can limit the number of concurrent TCP connections per IP address, by using -m connlimit, and I can also ...
- 81
1
vote
1
answer
600
views
How to prevent Syn-flood on a specific port with iptables?
I was Trying Recently to prevent Syn-Flood on a server on port 2421, only one TCP Connection is permitted per second, and the Existing Connections should not be stopped, so I have used the following ...
- 13
1
vote
1
answer
892
views
Drop the nth packet on each TCP connection, or drop all packets on connection after the nth one
I would like to test the behavior of components of my system over time if certain TCP packets are dropped, to simulate network problems. I'd like to systematically recreate issues where a connection ...
- 111
0
votes
0
answers
764
views
Low-level tcp/udp proxy
Is it possible to set up a server which acts as a proxy that is able to delegate all incoming traffic (regardless of protocol) to the original destination?
What I am trying to do is to allow only a ...
- 187
0
votes
1
answer
157
views
Rerouting incoming packets from server to local machine B instead of A
I'm trying to redirect a server's incoming TCP packets to local machine B.
The application client on local machine A (192.168.0.7) is connected to the server (1.2.3.4), so every incoming TCP packet ...
- 31
1
vote
1
answer
472
views
Why is it that TCP packets can be modified to block invalid packets, but not UDP packets
On a random day I was googling iptables rules to harden my desktop, and came across this post[1]. At some point the guide mentions blocking invalid TCP packets using tcp-modules with these rules;
...
- 256
0
votes
1
answer
172
views
Dropping RSTs vs using NOTRACK
I'm in process building my own firewall. One can say I'm building user space TCP/IP stack.
However, When Kernel receive packet that it can't identify, Kernel would send out RST + ACK (Not sure whether ...
- 49
1
vote
3
answers
1k
views
nftables preventing services from resolving on IPv6
I've got my server set up with long list of services, and everything is working great... on IPv4. But when I test them against IPv6 nothing is resolving. After disabling nftables everything started ...
- 241
1
vote
1
answer
730
views
Test iptables from localhost
I have a Linux system with two interfaces lo and eth0, I have some iptables rules which will block some tcp ports.
It's possible to teste my own firewall rules by implementing a probing service to ...
- 13