TCP firewall allows connection to external server but blocks response packets?
Consider this basic network setup: Client -> Router -> “Internet” -> Router -> Server. Problem: the client can open a connection to the server and send data (“request”), but the server data packets (“response”) cannot be sent to the client. It looks like a firewall problem. I assume that a packet filter could be the reason, filtering out only the response packets. Is there a technical term for this filter type? Asked by mjn [...]
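The behaviour described in the question (request passes, reply is dropped) is what a per-packet filter with an "allow outbound only" policy does. The following is an added example, not code from the question or its answers: a small model of three filters run over the same TCP handshake, with all hosts, ports and addresses constructed. It contrasts a purely stateless rule, the old stateless workaround of also admitting any inbound packet with ACK set, and a stateful filter that only admits replies to connections it saw opened.

```python
"""Stateless versus stateful packet filtering, as a small model.

Added example for this question, not code from the original post.  Hosts,
addresses and ports are constructed.  The policy under test is the usual
"permit what the client sends out, deny everything else".
"""
from __future__ import annotations
from dataclasses import dataclass

CLIENT = "10.0.0.2"        # constructed: the inside host
SERVER = "203.0.113.10"    # constructed: the server across the Internet


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False
    ack: bool = False


def stateless_allows(pkt: Packet) -> bool:
    """Each packet is judged only on its own headers: outbound passes,
    everything arriving from outside is dropped, replies included."""
    return pkt.src == CLIENT


def stateless_ack_rule_allows(pkt: Packet) -> bool:
    """Old-style stateless fix: also pass inbound packets that carry ACK
    (the 'established' keyword of classic Cisco ACLs).  Any packet with
    ACK set gets in, whether or not a matching connection exists."""
    return pkt.src == CLIENT or pkt.ack


class StatefulFilter:
    """Tracks connections the client opened and admits only matching replies."""

    def __init__(self) -> None:
        self.table: set[tuple[str, int, str, int]] = set()

    def allows(self, pkt: Packet) -> bool:
        if pkt.src == CLIENT:
            if pkt.syn and not pkt.ack:       # new outbound connection
                self.table.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return True
        # Inbound: reverse the 4-tuple and look for the originating request.
        return (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.table


def sample_exchange() -> tuple[Packet, Packet, Packet]:
    """Client SYN, the server's matching SYN/ACK, and a SYN/ACK for which no
    request was ever sent (what a spoofed or backscatter reply looks like)."""
    syn = Packet(CLIENT, 40000, SERVER, 443, syn=True)
    synack = Packet(SERVER, 443, CLIENT, 40000, syn=True, ack=True)
    stray = Packet(SERVER, 443, CLIENT, 40001, syn=True, ack=True)
    return syn, synack, stray


def run_stateless() -> list[bool]:
    return [stateless_allows(p) for p in sample_exchange()]


def run_stateless_ack_rule() -> list[bool]:
    return [stateless_ack_rule_allows(p) for p in sample_exchange()]


def run_stateful() -> list[bool]:
    f = StatefulFilter()
    return [f.allows(p) for p in sample_exchange()]


if __name__ == "__main__":
    print("stateless           :", run_stateless())          # [True, False, False]
    print("stateless + ACK rule:", run_stateless_ack_rule()) # [True, True, True]
    print("stateful            :", run_stateful())           # [True, True, False]
```

The first result is the symptom in the question: the SYN leaves, the SYN/ACK is dropped. The ACK-flag workaround restores the reply but also admits the stray packet, which is why stateful tracking replaced it.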
Blocking a network device from communicating with another device on the LAN
I have been working with the firewall/router distribution Pfsense for a while now and I have been trying to figure out how to “isolate” a server on my LAN from other computers on my LAN by using deny/reject LAN rules. I have tried adding a rule under Firewall->rules->LAN that denies a device (my phone for example 192.168.1.102) from sending any TCP packets to my web server at 192.168.1.105. For some reason, the packets manage to [...]
Denying ICMP type 3 code 4 traffic – good or bad?
Investigating a slow VPN connection (Cisco ASA IPSec) to a remote office, I noticed on our firewall a lot of access rule matches: Denied ICMP type=3, code=4 from *ip_address* on interface outside. I noticed that a traceroute to the remote site included the same IP address, somewhere between our ISP and the ISP the remote site uses. I’m also seeing a message immediately after before saying No matching connection for ICMP error message: icmp src [...]
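ICMP type 3, code 4 is "destination unreachable: fragmentation needed and DF set", the message Path MTU Discovery relies on; it carries the next-hop MTU and the header of the packet that was too large. The following is an added example, not code from the question, from Cisco or from any answer: it builds such a message the way an intermediate router would and decodes it, so you can see exactly what fields a firewall discards when it drops one. All addresses, sizes and the ESP packet are constructed.

```python
"""Decoder for ICMP Destination Unreachable, code 4 ("fragmentation needed
and DF set"), the message Path MTU Discovery depends on.

Added example for this question, not code from the original post or from
Cisco.  All addresses and sizes are constructed.  It builds a realistic
message the way an intermediate router would, then parses it back to show
what a firewall that denies it is throwing away: the next-hop MTU and the
quoted header of the packet that was too big.
"""
from __future__ import annotations
import struct
from socket import inet_aton, inet_ntoa


def ones_complement_sum(data: bytes) -> int:
    """RFC 1071 checksum over data; returns 0 when run over a valid block."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src: str, dst: str, proto: int, payload: bytes, df: bool = False) -> bytes:
    flags = 0x4000 if df else 0            # DF is bit 14 of the flags/fragment field
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, flags,
                      64, proto, 0, inet_aton(src), inet_aton(dst))
    hdr = hdr[:10] + struct.pack("!H", ones_complement_sum(hdr)) + hdr[12:]
    return hdr + payload


def build_frag_needed(router: str, too_big: bytes, next_hop_mtu: int) -> bytes:
    """What a router sends back when a DF packet exceeds the next link's MTU:
    type 3, code 4, next-hop MTU, and the original IP header + 8 bytes."""
    quoted = too_big[:28]
    icmp = struct.pack("!BBHHH", 3, 4, 0, 0, next_hop_mtu) + quoted
    icmp = icmp[:2] + struct.pack("!H", ones_complement_sum(icmp)) + icmp[4:]
    return build_ipv4(router, inet_ntoa(too_big[12:16]), 1, icmp)


def decode_frag_needed(packet: bytes) -> dict | None:
    """Return the fields a firewall needs to match this error back to a flow,
    or None if the packet is not a valid type 3 / code 4 message."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[9] != 1:                      # not ICMP
        return None
    icmp = packet[ihl:]
    if len(icmp) < 28 or ones_complement_sum(icmp) != 0:
        return None                         # truncated or corrupted
    typ, code, _, _, mtu = struct.unpack("!BBHHH", icmp[:8])
    if (typ, code) != (3, 4):
        return None
    inner = icmp[8:]                        # quoted header of the dropped packet
    inner_ihl = (inner[0] & 0x0F) * 4
    inner_proto = inner[9]
    l4 = inner[inner_ihl:inner_ihl + 8]
    ports = struct.unpack("!HH", l4[:4]) if inner_proto in (6, 17) and len(l4) >= 4 else None
    return {
        "reported_by": inet_ntoa(packet[12:16]),
        "next_hop_mtu": mtu,
        "inner_src": inet_ntoa(inner[12:16]),
        "inner_dst": inet_ntoa(inner[16:20]),
        "inner_proto": inner_proto,
        "inner_len": struct.unpack("!H", inner[2:4])[0],
        "inner_df": bool(struct.unpack("!H", inner[6:8])[0] & 0x4000),
        "inner_ports": ports,
    }


def demo() -> dict | None:
    # Constructed: a 1500-byte ESP packet (IPsec, protocol 50) with DF set,
    # from our side of the tunnel to the remote office, and a router in the
    # middle whose next hop only carries 1400 bytes.
    esp = struct.pack("!II", 0x12345678, 1) + b"\x00" * 1472
    too_big = build_ipv4("192.0.2.10", "198.51.100.20", 50, esp, df=True)
    error = build_frag_needed("203.0.113.1", too_big, 1400)
    return decode_frag_needed(error)


def demo_corrupted() -> dict | None:
    """Same message with one bit flipped in the MTU field: checksum fails."""
    esp = struct.pack("!II", 0x12345678, 1) + b"\x00" * 1472
    too_big = build_ipv4("192.0.2.10", "198.51.100.20", 50, esp, df=True)
    error = bytearray(build_frag_needed("203.0.113.1", too_big, 1400))
    error[27] ^= 0x01
    return decode_frag_needed(bytes(error))


if __name__ == "__main__":
    print(demo())
    print(demo_corrupted())
```

The decoded inner source and destination are what a stateful firewall uses to tie the error to an existing flow; when it has no state for that flow (the ASA's "No matching connection for ICMP error message"), the error is dropped and the sender never learns the smaller MTU.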
Why is my firewall preventing me from accessing some websites
I have an old Belkin router and when I enable the firewall I cannot access certain websites. For example: http://www.avisynth.org With Firewall Enabled: Main page loads and begins to do a meta refresh which never finishes. With Firewall Disabled: Main page loads and the meta refresh completes as normal and I am taken to the wiki page. I have not set up any rules in my firewall that would prevent this site from loading, yet it [...]
How do I open individual ports on the OSX Server Firewall?
In OSX server, the firewall is usually opened per Application, not per port. However, I have a ton of self-compiled servers, and I find it more convenient to open their ports, rather than select their binaries from somewhere. (It’s often cumbersome to spot the “binary” in a server, between millions of scripts and binaries.) How do I open individual ports on the OSX Server Firewall? Asked by Niko Schwarz Which version of OS X Server? [...]
Public subnet configuration on a Cisco ASA 5520
I’m trying to set up a Cisco ASA 5520 as the main entry point for our datacenter setup. This setup includes: Three private networks (management, SAN and backup) that are used in a cloud server configuration; One publicly accessible /26 subnet, both used for customer servers and the cloud server configuration. So the networks are defined as: Subnet 80.50.100.64/26, ISP Gateway 80.50.100.65, Management 10.10.10.0/24, SAN 10.20.20.0/24, Backup 10.30.30.0/24. There are currently some customer servers already online, [...]
iptables preroute localhost
I would like to forward all incoming traffic from a certain port to another one using iptables. The problem is that prerouting doesn’t work for traffic from localhost. This topic suggests a solution: iptables -t nat -I PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8080 iptables -t nat -I OUTPUT -p tcp -d 127.0.0.1 --dport 443 -j REDIRECT --to-ports 8080 This solution does work for most cases. However, when I connect to http://myserver:443 where [...]
Firewall blocking some strange communications from source-port 22 to over-seas ip addresses. Should I be concerned?
I’m responsible for a server that serves a single service (ssh) over the internet via port-forwarding through a firewall. The ssh service login is limited to encryption-key only (no passwords allowed). Several times a week I see the following sort of firewall log (slightly obfuscated of course): [UFW BLOCK] IN= OUT=eth0 SRC=192.168.x.x DST=211.224.108.50 LEN=48 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=22 DPT=29364 WINDOW=14600 RES=0x00 ACK SYN URGP=0 The source-port is always 22, and the destination [...]
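The fields in that log line already say what the packet was: IN is empty and OUT=eth0, so the host generated it; SPT=22 with the ACK and SYN flags set is a SYN/ACK, which a TCP server only sends in answer to a SYN aimed at port 22. The host is replying to a connection attempt, not opening one. The following is an added example, not code from the question or its answers: a parser for UFW log lines that splits out the key=value fields and the bare flag tokens, then classifies each blocked TCP packet by direction and segment type, run over the question's own line (addresses as obfuscated there) plus three constructed lines for contrast. LOCAL_SERVICE_PORTS = {"22"} is an assumption taken from the question's statement that ssh is the only exposed service.

```python
"""Parse UFW BLOCK log lines and say in which direction each blocked TCP
packet was travelling and what kind of segment it was.

Added example for this question, not code from the original post.  The
first log line is the one quoted in the question (addresses as obfuscated
there); the others are constructed for contrast.  LOCAL_SERVICE_PORTS is
an assumption taken from the question (only ssh is exposed).
"""
from __future__ import annotations
import re
from collections import Counter

LOCAL_SERVICE_PORTS = {"22"}   # assumption: the only listening service

UFW_RE = re.compile(r"\[UFW (?P<action>[A-Z ]+?)\]\s+(?P<body>.*)$")


def parse_ufw_line(line: str) -> dict | None:
    """Split a UFW/iptables log line into key=value fields plus the bare
    flag tokens (DF, SYN, ACK, ...) that the kernel prints without '='."""
    m = UFW_RE.search(line)
    if not m:
        return None
    entry = {"action": m.group("action"), "flags": []}
    for tok in m.group("body").split():
        if "=" in tok:
            key, _, value = tok.partition("=")
            entry[key] = value            # "IN=" with nothing after it stays ""
        else:
            entry["flags"].append(tok)
    return entry


def classify(entry: dict | None) -> str:
    if entry is None:
        return "unparsed"
    if entry.get("PROTO") != "TCP":
        return "non-tcp"
    flags = set(entry["flags"])
    inbound = bool(entry.get("IN"))
    outbound = bool(entry.get("OUT")) and not inbound   # locally generated
    if outbound and {"SYN", "ACK"} <= flags and entry.get("SPT") in LOCAL_SERVICE_PORTS:
        # SYN/ACK from our own service port: this host is *answering* a SYN
        # that reached the service, not opening a connection to DST.
        return "outbound-synack-from-service"
    if outbound and "SYN" in flags and "ACK" not in flags:
        return "outbound-new-connection"
    if inbound and "SYN" in flags and "ACK" not in flags:
        return "inbound-new-connection"
    return "other-tcp"


# Constructed sample: the first line is the question's own, the rest are made up.
SAMPLE_LOG = """\
[UFW BLOCK] IN= OUT=eth0 SRC=192.168.x.x DST=211.224.108.50 LEN=48 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=22 DPT=29364 WINDOW=14600 RES=0x00 ACK SYN URGP=0
[UFW BLOCK] IN=eth0 OUT= MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=198.51.100.7 DST=192.168.x.x LEN=40 TOS=0x00 PREC=0x00 TTL=52 ID=54321 PROTO=TCP SPT=4444 DPT=23 WINDOW=1024 RES=0x00 SYN URGP=0
[UFW BLOCK] IN= OUT=eth0 SRC=192.168.x.x DST=203.0.113.9 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=4711 DF PROTO=TCP SPT=51234 DPT=6667 WINDOW=29200 RES=0x00 SYN URGP=0
[UFW BLOCK] IN=eth0 OUT= SRC=203.0.113.77 DST=192.168.x.x LEN=78 TOS=0x00 PREC=0x00 TTL=48 ID=0 DF PROTO=UDP SPT=53 DPT=1027 LEN=58
"""


def summarise(log: str) -> dict[str, int]:
    """Count blocked packets per class, so the unusual kind stands out."""
    return dict(Counter(classify(parse_ufw_line(l)) for l in log.splitlines() if l.strip()))


if __name__ == "__main__":
    for line in SAMPLE_LOG.splitlines():
        e = parse_ufw_line(line)
        print(classify(e), e and f"{e['SRC']}:{e.get('SPT')} -> {e['DST']}:{e.get('DPT')}")
    print(summarise(SAMPLE_LOG))
```

The third constructed line is what an actual outbound connection from the host looks like (SYN without ACK, high source port); the class that matters for the question is the first one, a SYN/ACK leaving from the service port.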
Bridge Intrusion Prevention Vyatta
I am trying to create a bridge with ThreatStop, IPS and block a few ports. This bridge will sit in front of my servers. All is working apart from the IPS. I have read the documentation on configuring IPS, I have something configured that it hasn’t complained about and nothing is logged so I believe that it isn’t working. Is it possible to set up IPS on a vyatta bridge? Also is it possible to read [...]
Vyatta internet connection + hosted site on same IP
Having a small issue setting up a vyatta. The company internet and two different websites are both on the same IP. Server 1 – Has websites hosted on ports 1000 and 3000 and also has a proxy server installed to provide internet connection to the domain Server 2 – Has a website hosted on ports 80 and 433 The vyatta is correctly natting the appropriate traffic to each server, and allowing the proxy to get [...]