Networking :: Block Web Access With Iptables ?

Apr 25, 2010

Just wondering if it is possible to block web access on a certain ip address with iptables.

Iv seen guides for blocking web traffic on a whole network but i want to just block a single host from accessing the web.

View 14 Replies


ADVERTISEMENT

Networking :: Block IM With Iptables Or Squid?

Dec 24, 2008

in my office i have to block all messenger like yahoo messenger, windows live messenger, i have to block websites like www.yahoo.com, some more web sites. i need guidance through which i can accomplish this task through ip tables or through squid server. i can use squid but i had heard that squid blocks pop and smtp also. squid creates some problem in receiving and sending email. i am using red hat linux 4 box and installed squid having two ethernet card 1 is connected to adsl line and 2 is connected to switch. all clients will have proxy address of this linux box. guys need ur help ASAP.

View 2 Replies View Related

Networking :: Block The Urls With Iptables?

Feb 22, 2010

I have a server with slackware 12 and i try to block 2 web sites but without success. I write in iptables rules /etc/iptables.conf

iptables -A INPUT -s web.org -j DROP
iptables -A OUTPUT -d web.org -j DROP

but no effect. What rule i must write to block url`s?

View 4 Replies View Related

Networking :: Using Iptables To Block IP Addresses Automatically?

Dec 7, 2009

I want to use iptables to automatically block all IP addresses who send UDP packets with length 11 more than 3 times per 10 seconds.

View 1 Replies View Related

CentOS 5 Networking :: Iptables DOS Temporarily Block IP?

May 5, 2011

I have the requirement that if our website receives 20 or more requests within 60 seconds, to block the offending IP address for 5 minutes, then allow them access again. My only certain mechanism to do this is iptables. I wrote the following series of commands:

iptables -N RATE_CHECK
iptables -N DOSAttack
iptables -N RemoveBlock

[code]...

I am limited in my testing, but the little I have been able to test seems to be having no effect. will the above commands have the desired effect.

View 4 Replies View Related

Fedora Networking :: Block App Using Iptables / Rope Scriptable Method?

Oct 27, 2010

I Need to know how to block this applications using iptables or ROPE scriptable Method..?..

1.Web navigation
2.Electronic mail
3.FTP transfers
4.Video traffic (multicast video stream and unicast video stream)
5.VoIP service
6.Instant Message (MSN and yahoo messenger�etc)
7.Management service (TR-069 and SNMP)

View 6 Replies View Related

Ubuntu Networking :: Iptables: Block Incoming And Allow Outgoing Traffic

Jan 6, 2011

I need to configure iptables to block incoming traffic (except specific ports), but allows all outgoing traffic.

I am able to block incoming traffic, but doing so also prevents outgoing traffic (tested by telnet [URL] 80)

The following was used:

iptables -A INPUT -p tcp --dport ssh -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -I INPUT 1 -i lo -j ACCEPT
iptables -A INPUT -j DROP

Also, even allowing NOT SYN requests still prevents outgoing traffic.

iptables -I INPUT 1 -p tcp ! --syn -j ACCEPT

Another point:

# modinfo ipt_state
modinfo: could not open /lib/modules/2.6.18-028stab070.14/modules.dep

How to install ipt_state module on ubuntu?

View 2 Replies View Related

Networking :: Block This Applications Using Iptables - ROPE Scriptable Method?

Oct 27, 2010

I Need to know how to block this applications using iptables or ROPE scriptable Method..?..

1.Web navigation
2.Electronic mail
3.FTP transfers
4.Video traffic (multicast video stream and unicast video stream)
5.VoIP service
6.Instant Message (MSN and yahoo messenger�etc)
7.Management service (TR-069 and SNMP)

View 1 Replies View Related

Ubuntu Networking :: UFW, Block Access To An Internet Site?

Oct 29, 2010

How can I block access to a certain internet site using ufw? Let's say I want to block access to www.xxx.zzz (IP 1.2.3.4) to any program and user; using iptables I can do

sudo iptables -A OUTPUT -d 1.2.3.4 -j DROP how can I do that using ufw? if ufw can not do this, where should I put this rule to persist it over reboot, without interfering with ufw chains infrastructure?

View 5 Replies View Related

Networking :: Preventing Access Through Iptables?

Jul 9, 2010

I am trying to lock down our application and server with iptables. Anybody have any idea how to prevent accesses to the application from another application? Basically I opened up the ports 80 and 443 for the application server. However, the application points to other apps (ie. database, ldap). I want to limit what it can connect to or who can connect to it. Bascially I can limit who connects to the server itself but the application can still get input from outside servers.

View 4 Replies View Related

Fedora Networking :: Block Virtual Machines Access To Server

Nov 10, 2009

in my network, users has total access to their PCs, so theres a problem to filter (URL, ports,etc.) their virtual machines installed (they can assign self any IP, e.g.)

Id thought about use the MAC prefix in VMware VMs (00:0c:29:*), but i can only found a way through DHCP, and this isn't a good solution (they can assign a static IP to workaround...)

It will be better using firewall (iptables), but I don't found the way to add rules based in MACs with wildcards.

View 2 Replies View Related

Networking :: IPtables And Samba - No Access To Workgroup PCs

Feb 27, 2009

At first I installed debian 5 and I want enter on my workgroup using windows XP PCs, in same time I want use firewall now when I stop firewall I can access on the pcs but when I start iptables and open port for samba such as 137,138,138 and 445 I can't access on any PC on work group this is the output of iptables - L command:

Code:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT udp -- anywhere anywhere udp dpt:netbios-ns state NEW
ACCEPT udp -- anywhere anywhere udp dpt:netbios-dgm state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:netbios-ssn state NEW
ACCEPT tcp -- anywhere anywhere tcp dpt:microsoft-ds state NEW

Chain FORWARD (policy DROP)
target prot opt source destination

Chain OUTPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere

View 6 Replies View Related

Networking :: IPTables - Cannot Ping Or Access Internal Server

Mar 31, 2010

Basically, I have a windows 2003 server virtual machine (vmware) inside Ubuntu 9.10.

The Ubuntu machine has IFconfig:
Code: sam@sam-laptop:~$ ifconfig
eth0 Link encap:Ethernet HWaddr 00:15:c5:b8:c8:8b
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Interrupt:17

Why can't I ping or simply access the internal server on my ubuntu machine from a another computer on the 192.168.1.0 (slash)25 physical network? Do I need a bridge? Iptables?

View 4 Replies View Related

Networking :: IPtables - Allow PPTP Server To Access Internet

Jan 24, 2010

I'm running an own PPTP Server, but I can't get it to access the internet. All my PCs at home run in the 192.168.0.0/24 net, the PPTP Server has local IP192.168.0.5 and remote IP 192.168.0.80-99. The router to the internet is at 192.168.0.1, and the IP of eth0 on the machine where the pptpd runs is 192.168.0.4. I want to be able to connect to the internet trough that VPN and access my local LAN servers (which works fine so far). I can ping internet and local IPs successfully, but can not access them with a browser, or connect to them in any other way. I have 'accepted' all in/output and forwards.

I am running a Squid proxy on the same machine, and if I do:
iptables -t nat -A PREROUTING -j REDIRECT -i ppp0 -s 192.168.0.0/24 -p tcp --dport 80 --to-port 3128
I can access the internet through Squid, but of course Jabber/ICQ etc. Won't work then because it just refers port 80. But I want the PPTP Clients to connect to the internet directly, if I don't use that rule it's not possible to load any pages. But pinging works all the time. DNS is also working fine, but I can't even access webpages via IP directly. How can I allow the PPTP IPs 192.168.0.80-99 to get direct access to the Internet with Iptables?

View 3 Replies View Related

Networking :: Ubuntu Iptables - Restricting Access Assistance

Jan 14, 2010

I have a small home network with a router to the outside world and an ubuntu server through which traffic passes first.My ISP limits my download usage during the day, which traditionally has not been an issue, but now the children come in from school, boot up the internet and up goes my usage!Ideally I would like to be able to restrict them to IM and maybe certain specified URLs (I think the latter probably needs to use Squid though?). Once the download limits are lifted, I would like my iptables to allow HTTP, etc, but pretty much block most other things.

I have two sets of iptables currently to approach this issue, with a cron job that runs to swap between one and the other.Chains run in order, so if rule A says allow x, and rule B says drop all, then X should still be allowed. However, try as I may, this is not what happens in practice. I have even tried changing the overall order from ALLOW to DROP in FORWARD and then approach from the other angle. That didn't work either. *IS* it actually possible to block all but http / https and IM? These are myrules:

Code:

# Generated by iptables-save v1.4.4 on Sat Jan 9 19:15:49 2010
*nat
:PREROUTING ACCEPT [583:45175]
:POSTROUTING ACCEPT [694:60887]
:OUTPUT ACCEPT [143:18642]

[code]....

View 14 Replies View Related

Security :: Iptables To Block Ip From Ftp?

Mar 6, 2010

Is this how I would do that?

iptables -A INPUT -p tcp --destination-port 21 -d ! 168.192.1.2 -j DROP

This should block all incoming connections on port 21 from 192.168.1.2, correct? Thus preventing that IP from logging into my FTP.

View 1 Replies View Related

Fedora Security :: Iptables - Block Everything From Getting In My Pc

Mar 17, 2009

What i wanted to do was block everything from getting in my pc but still be able to surf the web and still use instant messenger.

View 2 Replies View Related

Ubuntu :: How To Block All Outgoing With IPTables

May 10, 2010

I want to block all outgoing traffic with iptables and only allow a few specific websites. I would like to get the code to do so and also to revert the changes in case I want to unblock them.

View 1 Replies View Related

General :: Block And Allow IP Using Iptables In RedHat 4.0?

Aug 3, 2009

I have blocked below IP by using iptables command in RedHat Linux 4.0.

Code:

iptables -A INPUT -s 192.168.0.85 -j DROP

It's now totally blocked and can't get access into web or internal network. how I can un-block that IP, so that it can again starts it's normal operation.

View 2 Replies View Related

General :: Block Some Ipaddres In Iptables (Ubuntu)?

Aug 3, 2010

Currently I have 2 Lan card in My System one for communicate client pcs (Lan card Ip 192.168.1.100) and other for Internet (Lan card ip 192.168.0.100.) All client pcs are in 192.168.1.0 Subnet Here i implement my system as router through iptables all clients are communicate through only 192.168.1.100 (clients default gateway also 192.168.1.100) Now no problem for forward rules when my system is active all clients are get internet.

Output of iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

[code]....

Now i want to block some ip address and port ways i tried lot of things in internet when i type iptables -A INPUT -s 192.168.1.150 -j REJECT (i found in internet it will block that ip address for getting internet and any access through my sys)

Now th Output

Chain INPUT (policy ACCEPT)
target prot opt source destination
REJECT all -- 192.168.1.112 anywhere reject-with icmp-port-unreachable

[code]....

it will block icmp protocol only I want to know how block ipaddress and port address ways...

View 1 Replies View Related

General :: Block UDP Protocols In Iptables - Ubuntu ?

Aug 5, 2010

Currently I have 2 Lan card in My System one for communicate client pcs (Lan card Ip 192.168.1.100) and other for Internet (Lan card ip 192.168.0.100.) All client pcs are in 192.168.1.0 Subnet

Here i implement my system as router through iptables all clients are communicate through only 192.168.1.100 (clients default gateway also 192.168.1.100) Now no problem for forward rules when my system is active all clients are get internet.

Now i have problem with blocking UDP protocols i tried lot of things in net iptables -A INPUT -s 192.168.1.0/255.255.255.0 -p UDP -j DROP

But it's not blocking UDP protocols (i change UDP to ICMP Protocols then icmp is blocked every ip address)

View 9 Replies View Related

Security :: Iptables - Block Bad And Not Related Packets

Jun 8, 2011

My VPS host a mail, blog and web site. So i want to block port i not use. The port that i use is 80,21,2022,443. The other port will be drop. I want to block bad packet and all packet that not related. Can anyone how to write in iptables?

View 2 Replies View Related

Server :: How To Block HotSpotShield In Squid / Iptables

Nov 9, 2010

Does anybody know how to block HotSpotShield in squid or iptables?

View 2 Replies View Related

Debian Configuration :: IPTables Output Block Not Local

Sep 19, 2015

I try to create some rules to detect an outgoing traffic from my debian jessie that is not from my IP or loop.

#!/bin/bash
/sbin/iptables -N C_OUT_N_LOCAL
/sbin/iptables -N C_OUT_N_LOCAL_LO
/sbin/iptables -A C_OUT_N_LOCAL -m limit --limit 2/min -j LOG --log-prefix "PK: output not local : " --log-level 4

LO_IP="127.0.0.1"
MY_IP="192.168.0.4"

/sbin/iptables -I OUTPUT -p ALL ! -s $LO_IP -j C_OUT_N_LOCAL_LO
/sbin/iptables -A C_OUT_N_LOCAL_LO -p ALL ! -s $MY_IP -j C_OUT_N_LOCAL

View 0 Replies View Related

OpenSUSE Network :: Block All Ports But Port 80 With Iptables (DMZ)?

Jun 25, 2010

I have a Suse 10.3 router with 4 network cards. 1 is to connect to the big network and thereby also the internet, 2 are for 'client' subnets and I want to use the last one as a DMZ. In this DMZ will be a web server which has to be accessible from the other 2 subnets and from the big network. I could do it with a few simple clicks in Yast firewall, but I have some issues with this firewall and there for I want to use it as minimal as possible, using Iptables.

So now I'm struggling a bit with Iptables. Basicly what I'm looking for is how to block all ports but 80 in this last subnet with iptables.

View 5 Replies View Related

General :: Block All Ports Except SSH / HTTP In Ipchains And Iptables?

Jun 15, 2010

How can I block all ports except

ssh (port 22)
httpd (port 80)

using iptables and iphains?

View 1 Replies View Related

Ubuntu Security :: Block All Ports Except Pop And Smtp In NAT Through Iptables?

Jan 20, 2010

how to block all ports except pop,pop3,smtp in nat using iptables in squid on redhat A3

View 2 Replies View Related

Ubuntu Security :: Iptables, Block Port Except For Eth0

May 24, 2011

I would like to allow incoming and outgoing connections when I'm connected to a wired connection, but drop it otherwise. I noticed that ufw can't block outgoing traffic because of will I give iptables a try. I'm unsure if dropping packages that are outgoing will work, the rule after the block rule will allow all outgoing connections.

This what the rules are intended to do, unsure if that is actually the case. Allow all loopback traffic. Allow ping replys Allow incoming on port 12345 if eth0, deny otherwise. Allow outgoing on port 12346 if eth0, deny otherwise.

Code:
iptables -A FORWARD -j DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 0 -s -m state --state ESTABLISHED,RELATED -j ACCEPT

[Code]....

View 3 Replies View Related

Security :: Block IP After Failed Login Attempt Using Iptables?

Aug 11, 2009

I keep getting hundreds of SSH failed logins per day. Is there a way with iptables, i can say if a user connects too to port 22 over 8 times in 10 minuntes, then block them for an hour?

View 7 Replies View Related

Server :: Use Iptables To Block Multiple Requests From The Same Ip Within A Certain Time Frame?

Oct 17, 2010

I run a small home server (Debian 4), which acts as my gateway to the internet (ie, firewall) and runs a web server, dhcp, dns, and acts as a file server to the rest of the machines on my home network. Now I know it's never a smart idea to have all those services running on the same machine that is acting as a firewall, but I don't fancy running multiple servers just for home use, as it's mainly allowing me to learn system administration.

I noticed a few days ago that my internet had become unbearably slow, to the point where I could sometimes not load web pages. I spent a while searching through log files on my gateway, to try and find out what was eating up all of my bandwidth. When I came to apache's access.log file, I was confronted with this:

Code:

204.45.41.82 - - [17/Oct/2010:06:25:10 +0100] "GET http://vewice6.nightmail.ru/marriott-grand-cayma.html HTTP/1.1" 200 36921 "-" "Mozilla/4.0 (compatible; M$
204.45.41.82 - - [17/Oct/2010:06:25:11 +0100] "GET http://malaysiapodcaster.blogspot.com/2006/05/blog-post_11.html HTTP/1.1" 200 58681 "-" "Mozilla/4.0 (com$

[code]........

Multiple requests to my server, for totally random websites. I didn't even know it was possible to make those types of queries to a webserver. The only thing that is on the web server is a browser based torrent client. I have only shown a small snippet of the log file, but there are around 90k lines to different web addresses, from many different IPs. What I want to know, is what is happening? :S Why is someone querying MY web server, for web sites totally unrelated to it? And most of all, how can I stop it. My initial was to try and use iptables to block multiple requests from the same ip within a certain time frame, which I think would work as the server shouldn't really get many queries from external networks.

View 9 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved