How would one block an IP range access to a Debian-based Linux system for say 47.1.1.1. - 48.255.255.255? Would it be with the hosts.deny file? If so, how would it be written in the file? Also, would the system require being restarted for the changes to take effect, after writing to the file?
View 14 RepliesI am currently running Debian 6. I would like to know if there is a way and how i would go about blocking a certain IP range from connecting to my server within a certain port range. Say for example.
i want to block ip range 123.123.123.* from connecting to my server on the ports 33000 - 43000. But, i want to allow them to connect on any other port range, and i want to be able to allow connections from my server to the blocked ip range on those same ports. so, blocking incoming only on the above port range.
using iptables.
I'm assuming that the following should block the complete 178.123.xxx.xxx address range.
Code:
iptables -I INPUT -s 178.123.0.0/24 -j DROP
Then I believe that I need to save this change.
Code:
service iptables save
iptables: Saving firewall rules to /etc/sysconfig/iptables:[ OK ]
However, I'm not so sure that it is actually working based on the fact that there continues to be access to my wiki from that address range. The following is after I made the firewall change.
Quote:
178.123.177.61 - - [31/Dec/2010:04:24:40 -0500] "GET /mywiki/Opera%20Web%20Browser?action=edit&editor=text HTTP/1.1" 200 6346 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
code....
Let me state that I'm new at this iptables thing. I did some reading and decided that I need to make the above change to the firewall but it doesn't seem to make a difference.
I am setting up a iptables firewall on one of our servers, and I would like to block a range of addresses from getting into the system. I am using a script that does a BLACKIN and BLACKOUT methodology for specific addresses. One example is the following:
Code:
$IPTABLES -A BLACKIN -s 202.109.114.147 -j DROP
...
$IPTABLES -A BLACKOUT -d 202.109.114.117 -j DROP
What would be the correct syntax to use if I wanted to block an entire remote subnet from getting into the server?
I am currently having problems with my server. Its being DDOSed. I have a vps with Centos 64bit. The attack I want to block is udp flood. I was trying to do something like this: iptables -I INPUT -p udp --dport 123 -m limit --limit 40/s -j DROP but instead of blocking certain hosts it blocks the whole port and during the attack its unreachable. How to limit packets per host or any other way to protect from udp flood.
View 11 Replies View RelatedWorking fine: ==> scp my_log-bin.01393[0-9] root@192.168.103.66:/backup/ error - No such file or directory: ==> scp my_log-bin.0139[30-99] root@192.168.103.66:/backup/
View 4 Replies View Related when I try to connect to internet SELinux give my a preventing NetworkManager here is what its say:
Code:
Summary:
SELinux is preventing NetworkManager (NetworkManager_t) "getattr" to /dev/ppp
(ppp_device_t).
[Code]....
i am running a ad hoc wifi service from my laptop to share my internet connection with my other laptop
i am also running mobloqer on the first laptop.
but when i try to access internet in my other laptop, i cant do it unless i disable mobloquer in the first laptop,
but with mobloquer switched on(in the first laptop), i can use utorrent on the second laptop but cant browse any websites (using firefox or chrome !)
first laptop is running ubuntu 10.10 second laptop is running win xp sp2
i want to allow internet access in the second laptop while mobloquer is running on the first laptop, is it possible to do so ?
I'm running a program called Synergy+ to let my keyboard and mouse control multiple computers. One of Synergy+'s features is that clipboard (copy-paste) data is able to be shared, as in copy on one machine, paste onto another. I would like this functionality removed but Synergy+ has no way to disable it. I'm looking for any ideas to block clipboard data from being transferred. Is there a way to block a program from accessing the machine's clipboard data?
View 5 Replies View RelatedI'm trying to setup ssh access on my Fedora 12 laptop. I get the following error message in /var/log/secure when I try to login from another machine using ssh and the login is denied:
Code:
sshd[3025]: error: Could not get shadow information for <user>
sshd[3025]: Failed password for <user> from <ip> port <port> ssh2
If I do a 'setenforce 0' I can login and no error is logged.
i have the following system in my lan.
firewall(iptables)
etho(private) - 192.168.2.1
eth1(public) -189.117.57.2
squid server at 192.168.2.10
my request is that i have to make all out bound internet connection should go from proxy server , not directly to firewall. Please specify a iptable rule for blocking direct internet access. my clients ip ranges from 192.168.2.20 to 192.168.2.47
I have been searching and reconfiguring for 6 days now and have lost several clumps of hair.. PROBLEM: I want 2+ virtual hosts on my ubuntu server (1 ip) BUT - Only the first "alphabetically" listed sites-enabled shows.
[Code]...
[Code]...
I have been searching and reconfiguring for 6 days now and have lost several clumps of hair.. PROBLEM: I want 2+ virtual hosts on my ubuntu server (1 ip) BUT - Only the first "alphabetically" listed sites-enabled shows.
000-default
[URL]
Individually they all work (if i a2dissite for each leaving 1)
[Code]....
it seems i have tried everything that everyone else is having issues with but nothing seems to fix mine. Possibilities:
1) EC2
2) Permissions on the files - I changed everything to the apache2 user "www-data" - no dice.
3) I am a dope...lets hope its that and one of you kind people point me to my issue.
I am using VSFTPD. I want to restrict access from perticular range of IPs. Ex: 172.10.*.* How can i restrict access to server from a range of IPs?
View 3 Replies View RelatedI can't seem to get the X server to allow access from clients on other hosts. (I know, not exactly a network problem, but. I made the change in /usr/share/gdm/defaults.conf to be : DisallowTCP=false
and this worked on another CentOS system, but it hasn't fixed it on this one. What other things could prevent other clients from connecting to the X server? From the local host, I get :
Warning: Tried to connect to session manager, Authentication Rejected, reason : None of the authentication protocols specified are supported and host-based authentication failed although the client DOES actually create the window and work! So, maybe this message is a clue.
From the remote host, I get : Error: Can't open display: 10.10.1.20:0.0 Which is not terribly informative. Is there a log somewhere which details why a connect request was denied? The files in /var/log/gdm are not very informative.
I currently have an Apache Web Server running on Ubuntu 10.4 and I use a DynDNS service to make them accessible to the outside world via a domain and/or subdomain.
My configs currently look like this:
<VirtualHost *:80>
ServerAdmin <obscured>@<obscured>.com
ServerName <subdomain>.<obscured>.com
ServerAlias <subdomain>
[Code].....
This works fine from access outside of the network and all subdomains resolve to the correct directory.
The problem I am having is with accessing a subdomain over my internal network.
I can access the Web Server using the server's IP address: http://192.168.1.123/ but this always takes me to the same virtual host and I don't know how to distinguish between different virtual hosts (different subdomains).
Ideally I would like to access the same subdomains using http://<subdomain>/ where <subdomain> is the same as the subdomain attached to the external domain name.
For system calls, is blocking or non-blocking default in C? Simple question, just am not seeing the answer super quickly.
View 4 Replies View RelatedI have annoying problem. My setup is the following: debian Linux, 64 bits, VMWare workstation 7 host, with Windows XP running as guest. From Firefox, or Internet Explorer, I am unable to access few sites, for example nvidia.com, osdir. Basically get connection timed out, on the other hand ping works to those sites. Moreover, Slashdot loads very very slow and sometimes gets horrible text-only version.
everything works fine on Linux host
I suspect it has something to do with routing on Linux, I recall having similar problem long time ago, which was fixed by setting something in /proc.
I tried setting MTU and TCP window size on Windows lower, but did not help
I installed Apache2 and I added a second virtual host, now can i separate the 2 hosts and let them access 2 different internal test sites? For Example lets say"
User1 uses one IP
User2 uses second IP
How can I separate it in Apache2 and in the /var/www ?
I'm trying to write an iptables config file, but got stuck.So I want to define an IP range that allows full access eth0-eth1 forwarding, and another that is allowed to access some special ip-s. The first part works, I could make the range has full access:
iptables -A FORWARD -m iprange --src-range 192.168.80.20-192.168.80.40 -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -o eth1 -i eth0 -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward
But cant find out, how tom make the second rule. How could I put speicified target ip-s in this? I've tried to make a new chain:
[Code]...
I have a device that is working on modbus protocol andI have written a small program(with block TCP read method ) to read its registers via modbus protocol.my program is working very well but except those times that I unplug the Ethernet cable or turning off the modbus gateway during programs work.at this time my program stops on recv system call (if it reach this system call exacly when I unplug Ethernet cable or turning off the modbus gateway during programs work).I changed my source to work in nonblock TCP method, at this time with the same situation my program does not stop/block on recv system call but after pluging back the Ethernet cable or resuming the connectivity situation back it reads data incorrectly .this is my code:Quote:
#define DEBUG
#include <fcntl.h>
#include <string.h>
[code]...
I want to give access to a student to a server in order to make repeated trials of traceroute to different hosts. We have realized that it is preferable to use the -T option, as it sends TCP packets that are less commonly blocked by firewalls. However, this option is only available to superusers, and I don't want to grant the student such privileges.
View 2 Replies View RelatedI'm trying to use ssh-keyscan to get some known_host file population going on, but I have a ton of hosts I want to scan, all with multiple aliases in /etc/hosts. Is there a way to use my current /etc/hosts file to do an ssh-keyscan instead of making a special list of hosts that (from what I've read) ssh-keyscan needs?
View 2 Replies View RelatedWell, as many proxy applications, GNOME Network Proxy Preferences only allow to ignore hosts. What I want to do is exactly the opposite. I only want to use the proxy for few sites. Is it possible to define only the allowed hosts in any way?
PS: I know FoxyProxy add-on for Firefox does this, but 1)I don't use Firefox and 2)I want the proxy settings system wide not only for browser.
get me understand the short range and the long range links from routing (and routing protocols') point of view.
View 6 Replies View RelatedI want to plot a set of data in only one plot.The problem is that some points of the data should be better plotted in a linear scale (lets say 0 to 100,000) but there are other data points that, exceding the value 100,000, would be better plotted in a logarithmic scale, as they goes in the range 100,000 to 500,000,000. Let's say the data is:
Code:
X Y
0 100
10000 80
20000 75
[code]....
Is there a way to plot all these points in the same plot in only one X-axis showing two different ranges in that axis: linear: 0-100,000 logarithmic: 100,000 - 1,000,000,000?The axis would be read, for example, as:
Code:
|-----|-----|-----|-----|-----|-----|-----|-----|-----|
0 20k 40k 60k 80k 100k 1M 10M 100M 1G
(The abbreviations k-M-G are not the important point. Just shown for clarity)
I want to build a bash script, which can ping a range IP adresses which will be filled in by the admin. If there is no IP-adress filled in, then the script must ping the subnet where the system is logged on. So if my ip is 192.168.1.6, then the script must ping from 192.168.1.1 till 192.168.1.255 Or else, if there is given a beginning and ending ip it must ping that!
The first part of the bash script is to ping a given range (see below). But there is one problem, how can I tell the script to ping from $begin till $end, [..] is of course wrong! But what must be filled in there???
echo "Enter beginning IP-adres:"
read begin
echo "Enter ending IP-adres:"
read end
ping -c 1 $begin [..] $end
The second part is to find my own ip and ping the whole range.. How to do that? I only can find my own IP, but I cant ping the whole range,, how to do that?
#!/bin/bash
ifconfig | grep 'inet addr:' | grep -v '127.0.0.1' |
cut -d: -f2 | awk '{ print $1 }'
Probably an easy (which means stoopid) question...I am trying to reroute a website using my hosts file so that it matches my servers certificate file for testing without effect dns and the live site.When I went to edit my /etc/hosts file it is non-existent. I have, I am assuming in it's place, hosts.allow and hosts.deny. Can anyone explain why I do not have a hosts file?
View 1 Replies View RelatedMy firewall keeps blocking something called CPQ-Wbem. There have been about 10 instances of this.
A machine on the network is advertising it runs, or looks for machines running, Compaq Insight Manager on TCP/2301. If the machine isn't yours or you haven't enabled Compaq's web-based remote management then silently drop it.
Now as far as i know i do not have a network, just a dsl connection. I also do not own a Compaq computer. So if someone who has some knowledge of this could you explain to me how a " network is advertising it runs, or looks for machines running, Compaq Insight Manager on TCP/2301 " . This would seem to me to be a local network thing not a www thing ?
I am running a VPN (Juniper Networks client) and an ifconfig shows me that its opening a tunnel and also adding routing instructions (I think). Anyway the problem is that when I'm connected to the VPN, I lose route to all my local machines and this is getting annoying when I want to use ssh.Does anyone know how to not route a certain range of IP's through the VPN?
View 4 Replies View Related