Questions tagged [iptables]
iptables allows the creation of rules to define packet filtering behavior. The most reliable way to provide an iptables ruleset in a question is with the output of (as root): iptables-save -c
2,681
questions
1
vote
1
answer
150
views
Two different wireguard tunnels wg0 and wg1 via wlan0 and eth0 to the same wan ip
I have the following config:
two interfaces eth0 connected via ISP1 and wlan0 connected via ISP2 to the internet. Both connections have different IP addresses and allow internet connectivity.
I set up two ...
0
votes
0
answers
40
views
Issue understanding iptables (they do the opposite I was expecting)
I have a wireguard interface wg1 where I call PostUp = /etc/wireguard/postup.sh. My postup.sh looks like this:
WIREGUARD_INTERFACE=wg1
WIREGUARD_LAN=10.0.0.0/24
MASQUERADE_INTERFACE=eth0
CHAIN_NAME=...
0
votes
1
answer
112
views
Outgoing docker packets not respecting routing rules
I have a private docker host (A) connected via a Wireguard tunnel to a public "router" in a cloud environment (B).
Wireguard:
(Docker Container)
eth0 172.17.0.2
|
docker0 172.17.0.1
(A) eth0 ...
0
votes
1
answer
70
views
Destination Host Unreachable to host on LAN after some time
I have an internal network with the following setup:
router - 192.168.1.1 - that is running dd-wrt
rasberrypi - 192.168.1.190 (rp1.local) - that is running Raspberry Pi OS
notebook - 192.168.1.185 - that ...
0
votes
0
answers
41
views
Redirect all traffic from specific interface to Docker interface and container?
I have the following architecture:
AP1, AP2, AP3 and AP4 are devices which expose their own wireless access points with subnet 192.168.10.0/24 and can't be changed.
WLAN1, WLAN2, WLAN3 and WLAN4 are ...
0
votes
0
answers
42
views
Limit network bandwidth between two interfaces by redirecting it via a virtual interface
I have a 4G failover, hp, to which I need to limit bandwidth from the main network br0 so that the data allowance doesn't get used up.
This seems to be impossible because you limit a whole interface.
...
0
votes
0
answers
44
views
Route incoming traffic on one port to a DHCP server running on the same device
I have the following setup:
A computer with the Ubuntu OS that is on a network and has internet access. Let's call it PublicIP
An ISC DHCP server that is running with a subnet of 255.255.255.0 and an ...
0
votes
1
answer
118
views
docker, iptables and wireguard: what approach to pick?
Thanks to some help in a previous thread, I have managed to track down a specific issue, but I am not sure how to approach the potential fix.
To summarize the issue: docker on my server seems to break,...
1
vote
1
answer
99
views
iptables - More verbose, full log
I set the following rules:
iptables -A OUTPUT -j LOG
iptables -A INPUT -j LOG
and checking the logs with
iptables -vnL
The result is not what I want; I don't want to see source destination 0.0.0.0/...
0
votes
1
answer
205
views
How to exclude dnsmasq used by libvirt from Mullvad VPN's "local network sharing" block
I don't use the local network except dnsmasq for libvirt. With blocking local network I have no DNS on my VM. For that reason I want to exclude dnsmasq from the local network sharing block with split ...
0
votes
0
answers
167
views
Is it possible to prevent rsyslog messages going to systemd-journal log and how?
I have an iptables rule that is logging some of my network activities into a log file using the jump LOG rule.
I filter the events to go to a specific file using the following rsyslog configuration ...
2
votes
1
answer
4k
views
Ubuntu 22.04 iptables command not working
Totally new to the netfilter thing. Currently I am running an application which uses three interfaces, eth0/eth1/eth2; my application will run on two servers and they both can communicate between them via ...
0
votes
0
answers
51
views
How to forward traffic to another server ad hoc
I have a webservice that is hosted on a server A. It is accessible via the internet. There is a public IP that is assigned to A.
In case of maintenance (of the webservice!) I would like to forward ...
0
votes
0
answers
93
views
tproxy for only one application?
I need to route all udp traffic from one application through a proxy, and I think tproxy is a good option for this. I can run the app with a special user and filter by uid/gid before set-mark in ...
0
votes
0
answers
37
views
Iptables redirect outside requests to 127.0.0.1 (VirtualBox)
I have a guest virtual machine installed with the output:
ifconfig:
enp0s3: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 10.0.2.15 netmask 255.255.255.0 broadcast 10.0.2.255 inet6 ...