Browsing articles tagged with "iptables" - 4/71 - Admins Goodies
Aug 30, 2012
tom

Sendmail & IpTable Rules

I need to setup IpTable Rules for a server with nginx, ssh and sendmail. Now, the problem is, with my rules I can not send emails to other hosts anymore. Emails to localhost do work, but sending to different servers does not, when the firewall is up. I tried opening both Incoming and Outgoing Port 25 and DNS lookup ports, but nothing worked. Any ideas? Update: Here are my rules: #! /bin/sh # firewall iptable […]

Aug 27, 2012
tom

Use iptables to forward ssh

I found several tutorials on how to do it, but got none of them to work :/ My setup: FIREWALL – reachable from the internet – eth0: xxx.xxx.xxx.xxx (public ip) – eth1: 192.168.1.1 SERVER – reachable from FIREWALL – eth0: 192.168.1.5 Because I still want to be able to connect to the firewall on port 22, I would like to forward incoming connections on port 2222 to 192.168.1.5:22. ping and ssh from FIREWALL to SERVER […]

Aug 20, 2012
tom

Can't forward port 443 to 8443 without allowing 8443 on ufw

I configured port forwarding through iptables and ufw. But there is something I do not understand, I just can't get iptables to forward port 443 to 8443 without allowing port 8443 on UFW. I want port 443 to forward to port 8443 but I also want port 8443 to be disallowed from outside my network. In resume, I can only forward port 443 to 8443 if I fully allow both ports 443 and 8443 on […]

Aug 19, 2012
tom

How do I block repeating requests? Should I do it with Apache2 config or .htaccess?

I want to block the same repeating requests to my website. For example, someone hits “Refresh” button 3 times, so I want the same requests following from that user to be auto blocked. I know I can do that with PHP or whatever server-side programming language is used, but is there any “portable” solution independent of the website, like Apache2 config or iptables rule? Are there any other methods of such basic protection? Asked by […]

Aug 12, 2012
tom

Iptables port forward tftpd

I need to forward incoming port 69 to port 2112 with iptables on Linux. I don’t need any NAT etc. Just accept incoming connections to port 2112 like it be 69 port. Thank you! Asked by Raspizdyay As well as the port forwarding, you also need an extra module loaded to handle tracking tftp connections. This can be done in testing by simply running modprobe nf_conntrack_tftp Making it permanent depends on the distro in use, […]

Aug 8, 2012
tom

Hostname forward to port

I would like to know how to do the following. I would like so, when you connect to a domain example.com – it’ll forward that to let’s say 15.46.43.33:26046 (This is for a game, not Apache). Is this possible with IPTables, or any other software for Linux (CentOS 6.2)? – Appreciate it Asked by Daniel I think you need a domain (example.com in your example) and a DNS A record to associate the hostname to […]

Aug 5, 2012
tom

Allow accessing to the port :8080 in iptable

I need to access to my website on port :8080 But for a reason, I can’t : That’s what looks like my iptable -L https://gist.github.com/28e7a48d91e933c6f377 After searching on serverfault, I’ve just added : iptables -I INPUT 1 -i lo -p tcp --dport 8080 -j ACCEPT With no effect (even after a iptable restart) How to allow access of the port 8080 please (both locally and externally because of the setting i’m going to put for […]

Aug 4, 2012
tom

iptables: Allow port range but deny to certain IP

I am running a server which needs UDP ports 1000:11000 opened, as well as TCP 10011 and 30033 open to function. I have a set of iptables rules set to allow SSH and those ports, and intentionally left out 2010 as I am getting attacked on that port. The server does not block the incoming IP even when told to do so. The IP that needs to be denied is: 194.97.114.3. My iptables script: service […]

Jul 24, 2012
tom

iptables rules to counter the most common DoS attacks? [closed]

Recently I’ve got a lot of small scale DoS attacks. I am wondering what iptables rules should I use to counter the most common DoS attacks, and generally secure my web server. The web server sports Varnish -> nginx/php5 -> memcached -> mysql I tried some generic receipts but they also block access to my database server which sits at a remote server, so I just flushed the suggested rules, and now feel a bit […]

Jul 10, 2012
tom

Rate-Limit affects All clients or single IP?

Well, up until now I’ve considered iptables rate-limit commands with the “recent” module to work for each IP Address. For example rate-limit rule of 20k/s will trigger only if a single IP exceeds 20k/s rate and not if 4 different IPs exceed 5k/s rate. Please correct me if I considered this wrong as I’ve only used these rules for TCP/UDP. But today I tried similar rules for ICMP and applied 4/s Input/Output. But then on […]
