General :: How To Enable Inbound Traffic
Jul 20, 2010
1. It is definitely my system and not the router. I had been accepting these connections just fine on my Fedora 6 system, but upgraded to FC11 and haven't been able to get these inbound connections working. I still have the drive with the FC6 system and whenever I put the old drive in the system, the connections work fine. So, the hardware, wiring, etc is identical between the FC6 and FC11 systems.
2. The system's firewall is disabled. iptables, and ip6tables are turned off both at startup (e.g., chkconfig iptables off) and using "service iptables stop". (Note--my router also works as a firewall)
3. sshd and httpd are both on and listening on all interfaces. "nmap -P0 -p 22,80 127.0.0.1" shows both ports open, as does 192.168.1.80. But when I use the same command looping through the external IP, the ports are filtered:
Host is up.
PORT STATE SERVICE
22/tcp filtered ssh
80/tcp filtered http
4. hosts.deny is empty.
5. The messages and secure logs do not show anything in response to the nmap scans.
Again, I'd have sworn this was my router, except that it cleanly allows the traffic when I swap the drives in my system.
View 9 Replies
ADVERTISEMENT
Jan 13, 2010
We host a web server in which we are hoping to implement some form of traffic redirection based on source IP address, and I am wondering whether the squid proxy built on iptables would be capable of managing this task? Essentially we are trying to redirect traffic from specific set of source IP ranges to a "Your IP has been restricted" type of page at a different IP/FQDN.
View 2 Replies
View Related
May 5, 2010
I have a question, on my firewall at work I am seeing a constant flow of denies from many different source IP addresses, of tcp/udp destination port 53372 & 53375.What in the world is that, and why these two ports over and over
View 1 Replies
View Related
Feb 1, 2011
I'm simply trying to make a little restriction on www packets under two rules:
1. Allow inbound/outbound www packets (works!)
2. DROP inbound traffic to port 80 from source ports less than 1024. (DOES NOT WORK!)
Now, technically, when i use hping to test my rules, hping3 192.168.100.100 -S -p80 -s 1023 I should NOT receive any packets. However, i still receive packets, which means my rule that says less than 1024 does not work. (see below)
And this is my iptables rules in shell-script so far:
#!/bin/sh
DEFAULT_NIC=eth0
SERVER_IP="192.168.100.100"
ALLOWED_WWW_PORT=80
IPT="/sbin/iptables"
[Code].....
View 1 Replies
View Related
Sep 27, 2009
Recently I notice that when I'm connected to an vpn server (pptpd) and I'm using it as a default gateway my download and upload speed decreases almost to the half of the usual speed. I made a test using iptables in order to count how much GRE packets are generated (except the real traffic itself) in that way:
Code:
iptables -I INPUT -p gre -j ACCEPT
iptables -I OUTPUT -p gre -j ACCEPT
iptables -I FORWARD -s 172.16.10.101 -j ACCEPT
iptables -I FORWARD -d 172.16.10.101 -j ACCEPT
The first 2 rules match all GRE packets between the pptpd server and client, and the next rules - the traffic between the server and the client.
When I turn the counters to zero and begin to generate traffic (to browse, to download etc.) I see that the GRE packets are even more than these in the FORWARD chain.
So, my question is first of all is my test correct and is it true that so much gre traffic is being generated during the browsing (it becames clear that the traffic is double than if the pptpd wasn't used as a gateway) and if yes - can that traffic be reduced?
View 3 Replies
View Related
Jun 1, 2010
How to check inbound and files transfer from outbound to inbound in my linux server. because in my server from outside to inside transfer is high. so its take huge bandwidth. how to check this and reduse this .
View 2 Replies
View Related
Jul 5, 2011
I'm facing a strange problem. I have a Debian squeeze machine connected to Internet through a 3G USB modem. The machine connects as expected, and I can resolve domain names and establish HTTP and SSH connections.The problem is when I try to communicate to that machine from another PC connected to Internet. The machine doesn't respond to PING and I can't connect to the SSHD installed in it. If I connect the machine to the local network, it works right.
route:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default * 0.0.0.0 U 0 0 0 ppp0[code]...........
View 1 Replies
View Related
Aug 12, 2010
How to work GNUGK for H.323 Gatekeeper.
I am having a problem, configuring static call routing on GNUGK
In the section
You can see that the routers Local-router1 and 2 has the same dialling plan.
What happens is the gatekeeper send calls randomly to one router or to the other when one of the matching extension is dialled.
What I am trying to do is to force
Any calls coming from Remote1 to go out only throught Local-router1
Remote1 =========================> Local-router1
And any calls from Remote2 to go out throught Local-router2
Remote2 =========================> Local-router2
View 1 Replies
View Related
Apr 27, 2010
We have something on our network that is reaking havoc with our content filter. I am trying to track it down, but so far I have been unsuccessful. We have approximately 500 devices in 100+ different locations spread across 9 states. Looking at each computer is not really feasible.
I need a machine that can sit in between our network and our internet connection and graphically monitor in real time and logs how much traffic each device is sending and receiving. It would need to sit inline so it has to have two nics and be able to pass traffic. The machine also needs to be transparent. Reconfiguration of our routers or workstations is not an option.
I have used ethereal and wireshark before. Ethereal may be a viable option, but wireshark seems to provide lots of information, but no practical way to make use of it. how to set up the box to be a transparent device on the network that will allow internet bound traffic to flow (freely)?
View 3 Replies
View Related
Sep 29, 2010
I need to set up my centOS computer as a firewall in my home network. Ive got 2 interfaces, eth0 and eth1. I want to allow and forward all traffic on eth0 and block all traffic on eth1 except ssh, ping(icmp) and DNS. How do I do this? Ive tried some editing in /etc/sysconfig/iptables but no luck.
View 1 Replies
View Related
Mar 15, 2011
I wanted to tell my server to block all traffic but US only traffic. So i followed this guide:[URL].. Now I know, it's the best way to help prevent hackers/crackers (doesn't matter to me what they are called. I just have to stop them). My server only deals with US clients anyways so might as well just start right there for my server's security before getting into the brute force and injection preventions. So I got it all done compiled everything moved to the proper directory. I then started to setup my iptables. Like so
Code: iptables -F INPUT
iptables -F OUTPUT
iptables -I INPUT 1 -s *.*.*.* -p tcp --dport 22 -j ACCEPT
iptables -I INPUT 2 -s *.*.*.* -p tcp -j ACCEPT
[Code]...
After seeing that i went digging in the code and figured it was something todo with memory allocation.
View 1 Replies
View Related
Feb 10, 2010
I recently installed Deluge 1.2.0 from the following PPA:[URL]I using this on two different Linux computers. One is running Linux Mint 8 and the other is running Ubuntu Netbook Remix 9.10. The first time on either computer when I enable WebUI in the Deluge GUI it works fine. However if I ever disable it in plugins section I am subsequently unable to re-enable it (doesn't appear in the side panel again). Rebooting or reinstalling Deluge seems to have no effect.Is this a bug or am I doing something wrong?
View 3 Replies
View Related
Mar 14, 2011
Looking at the output of netstat, I'm not seeing a definitive way to tell which torrent connections are clients reaching in to my machine vs my machine reaching out to the world. Is there a clear way to determine which is which?
View 1 Replies
View Related
Apr 6, 2011
I am running Ubuntu 10.10 I have an question about the firewall Firestarter, when checking the firewall it told me there are 9 serious incoming connections what must I do with this info. Inbound is normally blocked as standard i have also see that someone with port 1234 and 12345 have trying to attempt mine system but failed all trojan ports are fully blocked.
View 2 Replies
View Related
Apr 7, 2011
I'm trying to adjust the firewall to only inbound syn connections.
To Allow all home subnets access to port 53 both tcp/udp but deny the rest.
View 1 Replies
View Related
Jul 22, 2011
Is there a way I can count inbound/outbound mails for a particular user? I'm using sendmail as MTA and dovecot for POP3.
View 1 Replies
View Related
Jun 13, 2011
We are planning on rolling out a mail service that will backend a webmail/groupware interface using postfix and dovecot, and we are trying to nail down an architecture for the system. I was hoping I could get some opinions from you good people on the different models we have come up with, and any improvements. To preface this discussion, we use NFS as the backend storage for mail so that clusters of mail servers can be created.
One possible solution is to separate three services, inbound email, outbound email, and message retrieval onto separate servers. We currently run a mail system with 65K users in this manner and it works, but there is a lot of wasted cpu on the inbound and outbound mail servers. where the dovecot servers are doing most of the work.
Another solution would be to combine the dovecot and inbound postfix servers to run dovecot as the local transport agent for postfix with LMTP, giving us quota and sieve capability.
The last solution is to run all three services on the same machine, giving us a single server image that we can clone on demand when we need to add more performance.
The single server, all three services, solution seems to be the simplest to build and manage, but putting all your eggs in one basket like that concerns us. What if there is a sudden influx of mail from our filtering platform, and it slows down all the other processes? What if the NFS server becomes disconnected from the network and the load average on each server skyrockets killing the ability for outbound mail to flow (where a separate outbound mail server would continue running despite this issue)?
View 10 Replies
View Related
Apr 28, 2010
RHEL 5.4 i want to be able to do redistribution of inbound syslog messages to syslogd. as example, my syslog.conf has in it at the end:
*.* @192.168.5.5
*.* @192.168.5.6
my sysconfig/syslog file has "-r" as the only option for syslogd. any messages generated by the localhost will be sent to the two remote servers, but messages that come into this box (udp 514) only get logged locally and do not get sent out to the remote hosts.
you may ask why do i want to do this. because i have several syslog servers (for security purposes) and many of my net devices are configured to send syslog to all the syslog servers, hence each device is sending way too much duplicate udp-514. so i would like to minimize the udp-514 coming out of the devices, have all devices send to a central syslog server, and then central syslog server do distribution to the other syslog servers. others have also called this "syslog proxy". or, if not with syslogd, how to achieve this (preserving the original syslog message host info, etc)?
View 1 Replies
View Related
Mar 7, 2011
I understand winxp pro limit the inbound connection to 10 and win7 to 20. Is there a limit for ubuntu server?
View 2 Replies
View Related
Jun 21, 2011
I have installed apf-9.1.7 on linux,after installation inbound activites stopped as per the rules defined.I have added port 20,21 (ftp) in IG_TCP_CPORTS,but still ftp is not working from other Pc.
View 1 Replies
View Related
Mar 22, 2011
I have configured a sendmail MTA for incoming mails in a network and by using IPtables i have redirected the traffic internally to other port where one more SMTP by a application is running.Iptables rule:
iptables -A INPUT -i eth0 -p tcp --dport 25 -j ACCEPT
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 25 -j REDIRECT --to-port 25000
My sendmail config is as below.
Sendmail.mc
define(`SMART_HOST', `relay:host.subdomain.mydomain.com')dnl
dnl # define(`RELAY_MAILER',`esmtp')dnl
[code]...
View 2 Replies
View Related
May 20, 2011
I have a system running 11.04 and it is dropping packets on the hardwired ethernet interface to other systems on the LAN, only in the inbound direction. It drops packets every 5 seconds. I verified this with iperf. Outbound packets pass with no problems. The network card in this system is a Broadcom Corporation NetXtreme BCM5752
View 9 Replies
View Related
Apr 9, 2010
I have two IP address on my iMac I want to "bridge". I'm not sure what the proper terminology is... here's the situation.
My iMac has a firewire connection to my laptop and an ethernet connection to the rest of my office. My laptop has an ip of 192.168.100.2 (on the firewire interface). My iMac has an IP of 192.168.100.1 on the firewire interface, and two IPs, 10.1.0.6 and 10.1.0.7, on it's ethernet interface.
If I wanted to forward all traffic coming in from 192.168.100.2 on my OS X machine to go out on IP 10.1.0.7, and vice-versa, can this be done? I assume I would use the ipfw command.
Essentially I want to "bridge" the firewire network to the ethernet network so my laptop can see all the machines on the 10.1 network, and all those machines can see my laptop at 10.1.0.7. Is this possible?
View 3 Replies
View Related
Jan 7, 2011
here is what i need to do: [url]..... resolves to 209.5.5.5 which is my public IP on the external side of my router. Router is setup to forward (port forwarding) all port 80 based traffic to internal ip 192.168.1.10 which I want that server to lookup the request, and for web1 forward to 192.168.1.101, for web2 to .102 etc....how can i acheive this? What do i need to use?
View 6 Replies
View Related
Dec 8, 2009
I need to log outbound (server -> remote) ssh traffic, but am unsure of the best way to do this.
I added this to iptables, but nothing is being written to the logs when I ssh from the server to another system.
iptables -A OUTPUT -m state --state NEW -j LOG --log-uid iptables-save
View 2 Replies
View Related
Mar 17, 2010
i used the angry ip scan software and found alot of the public ip addresses on our network are accessable from outside when they are not suppose to, For eg printers/ pcs etc. to make a start on locking down the network i was wondering if anybody knew th iptables command to add a rule which blocked all incoming traffic to specific ip adresses on the network and to a range of ip addresses.
View 7 Replies
View Related
Dec 14, 2010
I have two Linux processes communicating via a nameless pipe. How can monitor the traffic in the pipe? How can I inject data into the pipe? I have root access and know the pipe inode.
View 2 Replies
View Related
Aug 2, 2011
I'm looking for a live Linux distro that is secure and preserves my anonymity online. For what I need, Tor seems to do the job - but such software requires configuration that someone who is not knowledgeable in how it works might find difficult. I was looking at 'Lightweight portable security' but it does not specify whether it sends all traffic through Tor. Does anyone know more information about it and/or any other such live Linux distro?
View 3 Replies
View Related
Aug 17, 2011
When I have Skype running (not in "Offline" mode) I often see it start eating about 0.5 kb/s of my traffic (so the network quota meter is dropping inevitably and internet stops soon). When I restart Skype or make it go offline-online, it starts forwarding it's things again soon.
How to have Skype available for chat, but not sapping my traffic (at least when "ppp4" is up)? I feel the majority of traffic spent by Skype is unrelated to my own activities (I mostly use text chat).
View 1 Replies
View Related
Jan 22, 2010
I am on a slow Internet connection and it really makes me mad if something gets downloaded in background (like automatic update of any software) without my knowledge.
How can I monitor my network traffic sorted according to the "which binary file is using how much"? I can find the total transfer rate in "System Monitor" in Gnome, but what if I want to find for individual process. There are softwares like netmonitor in Windows, but how can I achieve that in UBUNTU LINUX.
GUI application will be nice, command line software will also be fine..
View 2 Replies
View Related
