CentOS 5 :: Iptables-1.3.5-5.3 Missing Libipt_time.so?
Oct 22, 2009
I have just done the upgrade to CentOS 5.4, but it seems that the iptables library libipt_time.so is no longer provided in /lib/iptables in the distribution. The currently installed version is iptables-1.3.5-5.3
I am getting this error message: iptables v1.3.5: Couldn't load match `time':/lib/iptables/libipt_time.so: cannot open shared object file: No such file or directory
Have the -m time components been moved to another library or removed from iptables? How do I stop iptables from trying to load this non-existent library?
View 1 Replies
ADVERTISEMENT
Apr 28, 2009
To expand: I'm trying to set up a box with l7-filter, and I need to patch and compile iptables 1.4.1.1 as part of the process. I ./configured it with the prefix= argument so it would install into /sbin instead of /usr/sbin, and I did a yum remove iptables before installing it so as not to get in the way of the original iptables, but I'm wondering if this is really necessary - it's kind of annoying, because removing the original iptables removes the init.d script, deregisters the service, etc. If I don't, is it possible that iptables 1.4.1.1 might get overwritten in a system update or something, or will yum see that I've got a custom/newer version in there and leave it be?
View 4 Replies
View Related
Nov 30, 2009
On Fedora 12 each reboot seem to reset my custom iptables rules I have manually added to/etc/sysconfig/iptables. My change are in /etc/sysconfig/iptables.old so obviously some process is removing them.
View 4 Replies
View Related
May 11, 2011
i am currently trying to install vsFTP onto my new linux server and btw i just started using linux today this is my first time using linux so i got the ftp installed good it got downloaded and everything then i went to open a port for my server for vsFTP i used this comand to open it "-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT" then i closed it by pressing ESC then :wq! and it brought me back to my comand line again so now when i try to start the ip table thing with the comand "service iptables start" then when i execute that comand putty respondes with this "Applying iptables firewall rules: iptables-restore: line 1 failed [FAILED]"
The install Guide im using: [URL]
View 5 Replies
View Related
Dec 17, 2010
I have been trying to install clisp on one of our systems and get the error: Missing Dependency: libsigsegv.so.0()(64bit) for package: clisphowever, I have checked and the library libsigsegv-2.7-1.el5.rf.x86_64 and its associated header file package are, in fact,installed.
View 3 Replies
View Related
Mar 3, 2009
I seem to be having an issue with iptables, every so often the server starts loosing packets and then goes off completley, if I manage to login to ssh I can stop iptables and this resolves the problem, however it keeps doing this. Is it possible to stop anything being added to iptables?
View 6 Replies
View Related
Mar 19, 2009
can i configurfe iptables except using terminal ? like 32-bit interface application
View 1 Replies
View Related
Apr 7, 2010
When I try something like, I get:
iptables -A FORWARD -p udp -m length --length 39 -m u32 --u32 '27&0x8f=7' --u32 '31=0x527c4833' -j DROP
iptables: No chain/target/match by that name.
So I re-compiled the kernel enabling WAN Router, and all the subsections. Downloaded latest iptables, removed the RPM one, installed the iptables from source.. Guess what, same error!
PS: iptables -m u32 -h works, it displays a page of info.
View 1 Replies
View Related
Apr 14, 2011
I am having difficulties setting up Symmetric NAT through iptables and I hope you can help me with this issue. First things first: "A symmetric NAT is one where all requests from the same internal IP address and port, to a specific destination IP address and port, are mapped to the same external IP address and port.If the same host sends a packet with the same source address and port, but to a different destination, a different mapping is used. Furthermore, only the external host that receives a packet can send a UDP packet back to the internal host."
Need: I am working on a SIP application and SIP apps face a problem with NATed networks. STUN is a solution to such a problem and my SIP application has an embedded STUN client functionality. Scenario and Technical Details:
[Code]...
View 2 Replies
View Related
Dec 24, 2010
I'm trying to open port 119. I already have a few ports open. I've used webmin to open both incoming and outgoing ports. iptables --list --numeric gives me:
Code:
...
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:10000
[code]....
View 4 Replies
View Related
Aug 5, 2009
I have a strange problem with IpTables.after a server reboot, the complete rule-list of iptables is empty. After a manually start, all my old rules are there again.I checked chkconfig if autostart of iptables is enabled:chkconfig --list iptablesiptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off
View 2 Replies
View Related
Aug 13, 2009
I'm at my wits end at this point.
CentOS 5
iptables 1.4.1.1
APF 9.7
Webmin 1.4.80 (yes i can be a gui noob at times)
I'm currently running a dedicated server that hosts a couple of sites and runs a game server or two. I was using iptables on its own for a while, but recently I'm a target of all sorts of attacks (typically aimed directly at the gameserver on port 7777. UDP flood attacks, etc). I'm also seeing an spike in foreign spam, SSH brutes, and a few people in Turkey thought it would be cute to download files over and over and over I have decided to start banning entire countries, using the subnets listed here [URL]... I'm trying to block Central and South america (189,190,200,201.x.x.x), China, Ukraine, Turkey, Iran, Spain and Italy. I do this because a majority of the traffic from those areas are usually up to no good.
I installed APF so I could easily add these ranges in deny_hosts.rules and be done with it. I added the ranges, which turned out to be too many, and the system tanked. I decreased the amount of ranges to just 4:
189.0.0.0/8
190.0.0.0/8
200.0.0.0/8
201.0.0.0/8
Restarted APF and it loaded fine. Do an apf --list and iptables --list and it shows those 4 ranges as blocked. The only issue...I have people from 190.x and 200.x connecting to the gameserver and PLAYING. Its as if the firewall isnt there. Also, adding those ranges to /etc/hosts.deny (or whatever) doesn't block them either.
I add one of my own ips and I get blocked instantly. WTF?? I look in the iptables for webmin, and it shows an empty firewall. I do iptables --list and it shows the ranges I added in APF. I'm looking at building (or whatever its called) an fresh iptables with the geoip module added in. [URL]...
I've never done anything like this, and I don't want to kill the box. I also don't want to spend the effort if 1) something is wrong with my system to begin with and 2) the geoip module doesn't work. geoip module aside....how exactly should i configure the firewall? Empty iptables completely and then rely on APF for everything? Oh and heres another tidbit: I tried this before 2 years ago and it used to be that anything I put in APF would show when i looked at iptables using the webmin module. Thats no longer the case now. That was also on CentOS 4 when it did that. I don't know if moving to 5 is whats preventing it now.
In a nutshell, I'm new at this and I'm being inundated with terrible people trying to do terrible things and I'm ready to just give up. Can someone just give me a quick rundown on:
1) how to test that my firewall is actually firewalling
2) how I should configure the/a firewall on this CentOS5. Not too specific, I just want to know if I should empty iptables then load apf, should i not bother with APF (i like it when it works), is there a specific order of doing things?
View 8 Replies
View Related
Jan 23, 2010
The problem I am having is that iptables won't load the required modules for my firewall rules.
iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
[code]....
View 1 Replies
View Related
Mar 11, 2010
I have big problem with correct settings of iptables as a router. My network topology (UTM Hardware router) 192.168.1.1--->eth0 192.168.1.2(centos with apache ftp and transparent squid 8080)--->eth1 192.168.0.1(LAN with dhcp)
eth0=WAN 192.168.1.2
eth1=LAN 192.168.0.1
I have problem with hanging connections through squid which are very slow or connection failed. Sometimes i received DNS timeout error from squid stable 2.6 21
[Code]...
View 1 Replies
View Related
Mar 26, 2010
# iptables -t tproxy -n -L iptables v1.3.5: can't initialize iptables table `tproxy': Table does not exist (do you need to insmod?) Perhaps iptables or your kernel needs to be upgraded. Does exist a tproxy module for CentOS's kernel (2.6.18) ?
View 1 Replies
View Related
Mar 30, 2010
I'm trying to redirect the requests from port 80 to ports 8080 and 8081 through iptables because I've got two services which need accept requests from the same port(80):
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080-8081
The problem is that the second port (8081) never gets a request, just the first one.
View 1 Replies
View Related
Sep 5, 2010
How I add this " iptables -F " to my Servers boot I already asked this from my Provider, but it seams he forget each time I ask.
View 3 Replies
View Related
Jan 10, 2011
Loaded up Centos 5.5 final. Configured iptables to block regions of the world based on networks. An example would be:
-A INPUT -s 139.82.0.0/16 -j DROP
My /etc/sysconfig/iptables file contains about 10k entries like this. If I use this, the machine lags hardcore network wise.
View 3 Replies
View Related
May 5, 2011
I have the requirement that if our website receives 20 or more requests within 60 seconds, to block the offending IP address for 5 minutes, then allow them access again. My only certain mechanism to do this is iptables. I wrote the following series of commands:
iptables -N RATE_CHECK
iptables -N DOSAttack
iptables -N RemoveBlock
[code]...
I am limited in my testing, but the little I have been able to test seems to be having no effect. will the above commands have the desired effect.
View 4 Replies
View Related
Jun 6, 2011
I have a fiberoptic broadband 20MB synchronous pipe at my home. Over summer at my place of employment its pretty much dead for 3 months so when I'm not busy I play around on my home server. I have my 20mb pipe going directly into my wrt54gl, from there I have a wired connection going to my server (Centos 5.3 recently upgraded to 5.5 through updates.) It serves as a file server(Samba, SSH). My wrt54gl handles natting port 22 to my server. I have my wireless AP setup to hand out leases from .2-.20 and my server has a static of .100. Dyndns.org handles my name resolution via their free account method.
I have a Mac Pro, iMac, Macbook, and a Toshiba Laptop with 64bit 7 running off wireless along with our cell phones, and my XBOX 360 also is wired directly for the gaming speed. I use all of the computers around my home to access the samba shares via unc path for file sharing and or working on projects. I had originally planned to upgrade the wrt54gl with a cisco e3200 or an e3000 but unfortunately I've come to find out dyndns and the e lines of cisco wireless AP's dont work with dyndns and get banned. So I would have to install the daemon on my server and put it as a directly connected server to my WAN link and install a second ethernet card and pass traffic through my server for the rest of my home which I am not going to do.
All of the previous sentence because it would update dyndns with a 192.168.x.x address since its not directly connected. I use a combination of putty.exe and vnc viewer to tunnel 5900 through port 22 to my server. So from anywhere I am at I can access my screen securely and then rdp or vnc to the desktop of my local LAN computers. This allows me to only have port 22 open. I've been looking at my ssh logs and noticed I have been getting hit alot with ssh scans. I want to implement an iptables firewall on my linux machine just for the purpose of further securing port 22. I dont necessarily need natting on the iptables firewall but all I need is ssh in and out, web in, and samba out to local ip's only.
For SSH this is what I want. I want to allow SSH from any IP but if it tries to login more than 3 times in one minute I want to block that IP for a full minute before it can try 3 more attempts. I also would like log to a file but have been having issues getting that to work as well. That way when I review logs and I see that an ip tries three times and then waits a minute and tries three more, etc... I can permanently block that ip or range of ip's by adding it to the iptables script. Here is my current iptables script and it doesnt seem to be working for me. I have played with this and read for almost two weeks and still cannot get it to work correctly.
Code:
#!/bin/bash
# In order to use this iptables firewall script you must have iptables installed. You also must be using a 2.4.x series Kernel, with iptables suppport compiled into it, which is standard for most newer linux distributions.
# If you need help compiling iptables into your kernel, please see our kernel Compile/Upgrade Guide located at [URL]
# Once the script has been edited with all your relevant information (IP's Network Interfaces, etc..) simply make the script executable and run it as root.
# chmod 700 fw_rules.sh
# ./fw_rules.sh .....
# Our final trap. Everything on INPUT goes to the dropwall
# So we don't get silent drops.
$IPT -A INPUT -j dropwall
View 3 Replies
View Related
May 9, 2009
I have CentOS 5.2 just installed and massively updated with yum -update command. Than I tried to configure firewall. After changes via system_config_securitylevel_tui (open ssh, http, ftp, and 3306:TCP ports) iptables service can't start with message
> /sbin/service iptables start
Flushing firewall rules: [OK]
Setting chains to policy ACCEPT: mangle filter nat [OK]
Unloading iptables modules: [OK]
Applying iptables firewall rules: iptables-restore v1.3.5: Couldn't load match `TCP':/lib64/iptables/libipt_TCP.so: cannot open shared object file: No such file or directory
Error occurred at line: 18
Try `iptables-restore -h' or 'iptables-restore --help' for more information.
[FAILED]
I erased the iptables service and installed it again with yum. How can I make this service work?
View 7 Replies
View Related
Jun 26, 2009
if am using --log-prefix "BANDWIDTH_OUT:" --log-level 7 to capture packets, I think is there a way to view these?
View 4 Replies
View Related
Apr 10, 2010
I'm encountering a known problem with IPtables. I set up rules and apply them, restarting firewall, then I get this message:
Flushing firewall rules: [ OK ]
Setting chains to policy ACCEPT: raw nat mangle filter [ OK ]
Applying iptables firewall rules: [ OK ]
Loading iptables additional modules: ip_conntrack_ftp ip_conntrack_netbios_ns [FAILED]
View 4 Replies
View Related
Jun 4, 2009
if I use the final flag, postfix loggs to /var/log/messages, not to /var/log/maillog.What I am doing wrong?regards ralfHere my config:
options {
sync (0);
time_reopen (10);
[code]....
View 2 Replies
View Related
Jul 4, 2009
I have a fresh installation of CentOS 5 I'm using for a server, and I'm having issues with port configuration. I have iptables running, and it started with no /etc/sysconfig/iptables file. I added a few basic rules (port 53, port 10000 for webmin), saved the file, and restarted the service. I tried connecting to webmin, scanned ports, and traffic was blocked. I set iptables to allow all traffic and restarted the service, and it still showed basically every port as being blocked. It seems port 80 and port 22 work for some reason, even when I tell iptables to block all ports.
I'm not sure what's going on here. Iptables is reading the /etc/sysconfig/iptables file, and if I use lynx localhost:someport it responds as it should according to the file. However, if I try connecting by IP, it's like there's some other firewall or something running that does whatever it's configured to do.....
View 2 Replies
View Related
Nov 18, 2009
I have been trying for days now to get this to work. didn't want to bother people with my questions, i have installed Fail2Ban 0.8.4 on CentOS 5.4.
I get the email notifications from Fail2Ban stating that it just blocked another IP, however, when i look at the iptables through webmin, nothing is actually in there, also the log/secure file dose not show that the ip has been blocked.
Even when I try to log-in with the wrong password, after a few tries i get the email telling me that my ip is blocked, however, I can still SSH using my 'blocked' IP.
View 7 Replies
View Related
Jun 6, 2010
I am new to iptables. The setup tool on a VPS doesn't work. So, I am learning to insert rules. I have inserted so many and some of them show as duplicates now.
1- I want to know how to remove the duplicates. Is there a file that these rules are store in so I can go in and easily edit it?
2- Is there any other utility that handles firewall in Linux that I am unaware of? or is the iptables the ultimate door guard? This is a plain install of CentOS.
3- Since I believe I opened port 5090 but I think it still might be blocked, could SELINUX be the problem? How can I get my way around setting it to permissive or disable if I don't have access to "setup" command?
4- What is the order of iptables reading? does rule #1 supersede all other rules? or does the last rule supersede all rules prior to it?
5- Do the rules below make a fairly safe system? (except for the duplicates which should be remove) I understand that a safe system is dependent also on the applications that are allowed in this category and I am not talking about those. I am talking about dropping all other inquiries and in general is this how iptables are setup? This is what I currently have:
[root@tel ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination
[Code]...
View 2 Replies
View Related
Jun 16, 2010
I am trying to edit the iptables to include some ports/ip for openfire server. The problem is the computer is very locked down with permissions...I logged in as ROOT with ID 0.Now the iptables has ROOT for permission BUT ID 1 which reflects BIN.As root i cant edit or chmod/chown the iptables. Here is what i tried:
1. change password of BIN - successfully changed with no errors BUT still cant su BIN with the new password...
2. tried changing the ID of ROOT to 1 but I dont have permission to use the command....
so anything i can do here??? I dont have permission with Shadow either...
View 3 Replies
View Related
Jan 13, 2010
I am using centos 5.3 , and also using webserver in local network
Here is all configuration
1, server
eth0 , 222.80.1.90 this is live ip
eth1 10.0.0.1
2, webserver
eth0 10.0.0.2
I want set iptables on server 1 , to acces webserver from other city ,
How to configure iptables
View 2 Replies
View Related
Apr 27, 2011
I'm trying to open up some ports to connect via vnc to a server running Centos 5.5. I've edited /etc/sysconfig/iptables everything *looks* fine, but I still can't seem to get access to the port I've opened (I added some newlines for clarity between commands):
[Code]....
View 4 Replies
View Related
