CentOS 5 Networking :: GIPTables Firewall - How To Configure It
Jan 24, 2010
I'm stuck with a server with OpenNA installed, which has no relation to CentOS, but if anyone knows the GIPTables firewall, please point me somewhere I can get started configuring it. I need to open 2 custom ports but I just can't get it to work.
I have CentOS with the software firewall enabled, but I want to set up a hardware firewall. Can anybody guide me on how to install and configure a hardware firewall in CentOS?
I am running a CentOS 5.5 server and can't synchronize with time servers via ntpd. My server sits behind a firewall with only port 80 open and I suspect this is the issue. Do I need to open other ports to connect to the time servers at [URL]?
I need to set up my CentOS computer as a firewall in my home network. I've got 2 interfaces, eth0 and eth1. I want to allow and forward all traffic on eth0 and block all traffic on eth1 except ssh, ping (ICMP) and DNS. How do I do this? I've tried some editing in /etc/sysconfig/iptables but no luck.
How do I set up CentOS to act as a router and firewall at our office? I just installed the OS and now I don't know where to go from here. I have all the ISP addresses, DNS and gateway. Any assistance is welcome, because I am really interested in learning Linux. Thanks. I used some instructions on this site [URL], and when I try the /sysctl.config on my terminal I now get the message "permission denied".
I am encountering problems configuring my firewall (through iptables) to allow apt-get features, like update and install. I have the latest Debian server running in a virtual machine on my Windows XP and therefore I have two interfaces in this Debian server:
- NAT Interface inet: 10.0.2.15
- Host Only Interface inet: 192.168.56.101
So far my iptables rules drop all packets by default, with the exception of icmp and ssh, which I allow in order to ping and connect from my Windows XP. For both of them I use only the Host interface (192...) to connect to another 192... interface on my Windows.
Those are working fine, but apt is not. I know, at this very moment it shouldn't. But I made a lot of attempts trying to configure iptables to allow connections through ports 80 and 21 from/to NAT and Host. I think I made every possible combination (or not, because it didn't work). But I'm wondering if someone more experienced can help me solve this problem.
I need to restrict access to the internet and keep unwanted software out of LAN with 45 workstations at the school I teach at. I thought about configuring a proxy and firewall on SuSE 11.4?
I have tried various rules, like opening port 53 for the DNS, with little success. I finally figured that you need to set the source port to 53 and NOT the destination port. However, I have been unable to figure out what ports apt-get requires. The only way I get it to work is to accept everything in iptables.
I have a question about telnet. Is there any way to configure a telnet server without disabling the firewall? I am using Red Hat 5.2 and Fedora 12. I lack knowledge about firewalls.
CentOS 5 iptables 1.4.1.1 APF 9.7 Webmin 1.4.80 (yes i can be a gui noob at times)
I'm currently running a dedicated server that hosts a couple of sites and runs a game server or two. I was using iptables on its own for a while, but recently I'm a target of all sorts of attacks (typically aimed directly at the gameserver on port 7777: UDP flood attacks, etc.). I'm also seeing a spike in foreign spam, SSH brutes, and a few people in Turkey thought it would be cute to download files over and over and over. I have decided to start banning entire countries, using the subnets listed here [URL]... I'm trying to block Central and South America (189,190,200,201.x.x.x), China, Ukraine, Turkey, Iran, Spain and Italy. I do this because a majority of the traffic from those areas is usually up to no good.
I installed APF so I could easily add these ranges in deny_hosts.rules and be done with it. I added the ranges, which turned out to be too many, and the system tanked. I decreased the amount of ranges to just 4:
189.0.0.0/8 190.0.0.0/8 200.0.0.0/8 201.0.0.0/8
Restarted APF and it loaded fine. Do an apf --list and iptables --list and it shows those 4 ranges as blocked. The only issue... I have people from 190.x and 200.x connecting to the gameserver and PLAYING. It's as if the firewall isn't there. Also, adding those ranges to /etc/hosts.deny (or whatever) doesn't block them either.
I add one of my own IPs and I get blocked instantly. WTF?? I look in the iptables module for Webmin, and it shows an empty firewall. I do iptables --list and it shows the ranges I added in APF. I'm looking at building (or whatever it's called) a fresh iptables with the geoip module added in. [URL]...
I've never done anything like this, and I don't want to kill the box. I also don't want to spend the effort if 1) something is wrong with my system to begin with and 2) the geoip module doesn't work. geoip module aside... how exactly should I configure the firewall? Empty iptables completely and then rely on APF for everything? Oh, and here's another tidbit: I tried this before 2 years ago and it used to be that anything I put in APF would show when I looked at iptables using the Webmin module. That's no longer the case now. That was also on CentOS 4 when it did that. I don't know if moving to 5 is what's preventing it now.
In a nutshell, I'm new at this and I'm being inundated with terrible people trying to do terrible things and I'm ready to just give up. Can someone just give me a quick rundown on:
1) how to test that my firewall is actually firewalling
2) how I should configure the/a firewall on this CentOS 5. Not too specific, I just want to know if I should empty iptables then load APF, should I not bother with APF (I like it when it works), is there a specific order of doing things?
I've got a home firewall setup running CentOS 5.2. It's got two wired interfaces: inside and out, and I'm successfully using iptables to filter and NAT traffic in and out as expected. Recently I've added an AirLink101 AWLH4030 wireless NIC that is recognized as the AR5212/AR5213 chipset. It appears that I have everything configured properly and I've eradicated every error encountered so far. Currently, I have my ath0 interface up and essid set but am unable to connect or even see the AP from my laptop. Here is a metric shit ton of debug/output for any networking gurus to ponder over:
Ethernet Devices:
Code:
alias lsEth='lspci -v | grep "Ethernet" -A 7'
Code:
lsEth
01:09.0 Ethernet controller: VIA Technologies, Inc. VT6105 [Rhine-III] (rev 86)
        Subsystem: D-Link System Inc Unknown device 1406
        Flags: bus master, stepping, medium devsel, latency 64, IRQ 209
I have just installed CentOS and it is working fine! I made a masquerade with the document there: I didn't use the script, because right now I do not completely understand it, and obviously I am not modifying anything by leaving it like that. I was using Mandriva before and I am used to graphical tools. My questions are: I add the following lines in my iptables:
[root@localhost ~]# service iptables stop
[root@localhost ~]# iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
[root@localhost ~]# service iptables save
I am learning to set up a firewall in my home. For that I have selected four systems (sys1, sys2 ... sys4) for testing. I have configured sys2 to act as a firewall with two NICs. sys3 and sys4 are inside the firewall. sys1 is not connected to the firewall, for testing purposes.
The IP assignments are as follows:
sys1: (Fedora, not connected to firewall I am thinking, but I am not sure)
What happened is that sys1 (not connected to firewall) can ssh to sys4 (connected, inside firewall), since the rules are written not to ssh from sys1 to sys4.
Then I came to know that whatever request I give, it goes directly as sys1 --> sys4, not as sys1 --> sys2 (firewall) --> sys4, and the firewall is not filtering and processing anything for both inbound and outbound (I think it's my mistake somewhere). The requests are going directly inside without the firewall.
I'm using a virtual network (NAT network) for my domU. When I change dom0's firewall setup, the domU fails to connect to the Internet anymore. So far, the only way to bring the network back is to reboot dom0! I tried to restart the network and libvirtd services on dom0 ... it doesn't work. How can I bring the domU network back without rebooting dom0?
I am brand new to this forum! I have spent some time on other Linux forums but based on my usage of CentOS I figured that it would be best to come straight to the pros. I've been using CentOS for a while now, mostly as a web server. Actually I use it as the base and installed Parallels Plesk Control Panel.
Anyway, I want to set up a VPN and so far I haven't found any real solid documentation on how to do that! Yes, I could install DAG/RPM Forge, but what I really want to know is how to do it from scratch. What I mean by scratch is that I want to download the tar.gz package from openvpn.net and then build it as required. I don't know much about building or compiling a package, so that is why I have come here for help! I am guessing that I need to compile OpenVPN with OpenSSL and probably a few other packages... I could use Openswan but I don't want to.
How to configure my Firestarter firewall. I have a website which requires port 1935 to be open. I figured out how to open the port using Firestarter. Is there any way to make the port open only to this website, and not to every other website, for security reasons of course?
I'm looking forward to the release of openSUSE 11.4, which I'm looking to install as an Internet-facing gateway on a mini-ITX machine with 2 Ethernet cards. As such I've been reading up on the YaST Firewall trying to find out how to configure it, and there's one thing I'd like to be able to do: 'stealth' all the firewall ports.
In other words, if someone were to hypothetically do a port scan of my external IP address, I would rather they not know whether any of the ports on my gateway are open or closed, so instead of replying with the status of those ports the packets get dropped. I've been able to do this with a product called Astaro Security Gateway, which I currently have installed on a second hand Dell Optiplex machine, but I am now looking into the possibility of installing this as a virtual machine inside an openSUSE 11.4 host (extra level of security) and would like the same functionality for the host OS.
I've got my server mostly configured with Samba file shares - I can access them from Linux and OSX computers. I've enabled Samba Client and Samba Server in the openSUSE firewall settings (on the server), but Windows 7 can't seem to connect. I've been trying to tweak registry keys in Windows and such, but had no luck. However, when I turned off the firewall on the server, I was instantly able to connect. Is there some other service or port I need to open for Windows 7?
I am a novice user of Linux. I need to know how to configure the firewall so my system can't be compromised... In Windows my system was greatly compromised. Keyloggers were installed without my approval and my desktop was taken over remotely. What should I do so that no software can be installed without my knowledge, and I can close all ports and open only whichever port is required? What should I do so my desktop can't be taken over remotely? How do I configure user rights, so that no one except me can install any software? I will have another general user ID for internet surfing.
How to configure my network for web traffic. Here is my setup: I have the following virtual machines (all guests are running on CentOS 5.3):
firewall: Smoothwall 3.0 (hardware, not virtual)
guest # 1: Apache http server
guest # 2: Qmail server
guest # 3: Proftp server
I want all of these services on different machines for security reasons, (mainly the ftp server) how do I route the traffic from the firewall to the different machines? I have been looking at setting up a reverse proxy, however, everything that I have read says that a reverse proxy will not handle the smtp/pop3 traffic. Can I just use a DNS server to route the traffic?
I want to install and configure a VPN server on CentOS 5.5 Final. I want it to work like this: my server is in another city or country, I want to connect to it from another city or country, and I want to use the remote server's internet on my computer.
I am a novice user of Linux. I need to know how to configure the firewall so my system can't be compromised... In Windows my system was greatly compromised. Keyloggers were installed without my approval and my desktop was taken over remotely. What should I do so that no software can be installed without my knowledge, and I can close all ports and open only whichever port is required? What should I do so my desktop can't be taken over remotely? How do I configure user rights, so that only root and one admin can install software and no one else?
I've searched a lot across the web and this forum in particular, but wasn't able to find the solution. The settings of the firewall are too cryptic to me. When the firewall is turned off everything is OK, but it is uncomfortable to turn it on and off every time I watch IPTV.
In my office we are using a Cyberoam firewall to manage the entire network. It has a lot of options; we can even configure PPTP and IPsec VPN using Cyberoam. Cyberoam acts entirely as the server. How can I configure a PPTP VPN in CentOS 5 as a client of the Cyberoam? Only then can I access the office network from my home.