Networking :: IPF Pass In Connection To Port 21 Even With No Explicit Rule?

May 26, 2010

I'm running IPF on Solaris 10. Note: I believe the idea will be the same; it doesn't matter whether it's Linux or Solaris.

Code:
bash-3.00# ipf -V #display ipf version
ipf: IP Filter: v4.1.9 (592)

[code]....

CentOS 5 Networking :: IPTABLES - Should This Rule Take Care Of Port 5090?

Jun 6, 2010

I am new to iptables. The setup tool on a VPS doesn't work. So, I am learning to insert rules. I have inserted so many and some of them show as duplicates now.

1- I want to know how to remove the duplicates. Is there a file that these rules are stored in so I can go in and easily edit it?

2- Is there any other utility that handles firewall in Linux that I am unaware of? Or is iptables the ultimate door guard? This is a plain install of CentOS.

3- Since I believe I opened port 5090 but I think it still might be blocked, could SELINUX be the problem? How can I get my way around setting it to permissive or disabled if I don't have access to the "setup" command?

4- What is the order of iptables reading? Does rule #1 supersede all other rules? Or does the last rule supersede all rules prior to it?

5- Do the rules below make a fairly safe system (except for the duplicates, which should be removed)? I understand that a safe system is dependent also on the applications that are allowed in this category and I am not talking about those. I am talking about dropping all other inquiries, and in general is this how iptables is set up? This is what I currently have:

[root@tel ~]# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num target prot opt source destination

[Code]...

Networking :: How Can We Make Port 110 And 25 Packets Pass?

Feb 22, 2011

I've a strange situation in my network: PCs gatewayed to another network, then a proxy, then a firewall.

pcs --> router --> cloud --> router --> proxy --> switch <-- fw --> Internet (router, proxy and fw are all connected by the switch)

Some months ago the situation was:

pcs --> router --> cloud --> router --> switch <-- fw --> Internet

There was a static route in the router that gatewayed the packets to the firewall, but that route has been deleted, and I cannot reinsert it because I have no access to the routers, so we have to use a proxy to go to the Internet, and we have the configuration of all PCs (Windows XP) with the "proxy" fields filled in. The proxy has only one NIC gatewayed to the firewall, and Ubuntu and squid installed, but we have some problems:

1. we cannot use email, so how can we make port 110 and 25 packets pass?

2. squid seems to slow down, so can we uninstall it and route all the traffic directly to the firewall to speed up?

Networking :: Make All The Port To Pass Through Squid Server?

Apr 7, 2011

I have been working in Linux for the past two years, and working with squid for the past 6 months. The following is my setup:

ETH1 - ISP1 (Active)
ETH2 - LAN (Active)
ETH3 - ISP2 (Inactive)

Using iptables I forward port 80 through squid (3128). Other ports just get connected in the proxy machine itself since it has IP_FORWARD enabled. All my client machines' browsers are enabled with "Use proxy 3128". I just want to make all the ports pass through the squid server.

Networking :: Iptables Rule To Accept All Connection From Program

Oct 29, 2010

My iptables policy is DROP. My server ports are open just for httpd and ssh. Is there any rule which can allow all connections from a specific program? For example, I want to scan an IP address's ports. As you know, nmap connects to every known port to see if it is open or not, so if I want to allow nmap to connect, I need to include all ports for that, or I can allow connections from localhost to outside on all ports. My server is very secure. I don't want other programs (probably a backdoor) to use those ports to connect outside. I want to know: is there any ability in iptables to rule connections by name of program, like "Allow any connection from /usr/bin/nmap to everywhere"?

Security :: Iptables Requirement \ Package Passed Through Masquerade Don't Pass Through The Prerouting Rule?

Nov 26, 2010

iptables has every rule set correctly and the users in the subnet work great, but I have the following issue. Every user connects to a MySQL running on the internet through port 3306; the forward and masquerade do the job. Now I have a user on the outside, and he wants to connect to a MySQL on a certain machine (not the gateway). Prerouting rules solve my problem, but all the packages from the inside users now go to that certain machine. I would like something like: if the package passed through masquerade, it doesn't pass through the prerouting rule, and if it comes from the outside (not a package that comes from a petition from the inside), it passes through the prerouting rule.

Fedora Networking :: Ftp Port Open \ Didn't Add A "other Ports" Rule Or Anything As Well?

Jul 26, 2011

I set up a VNC connection to my machine the other day and while doing that checked out any open ports. To my astonishment my FTP port is open, although I double-checked the firewall and there's no check in the checkbox for the FTP port. I didn't add an "other ports" rule or anything as well. So, how would I be able to fix that?

Networking :: Ethernet Port Connection With An E1/T1 Port

Aug 30, 2010

I have embedded hardware that uses bootp for booting from a Network Management Host (NMH) on the same Ethernet. The embedded hardware has both kinds of ports, i.e. Ethernet as well as E1/T1. I would like to ask what I require to establish a communication link between the embedded hardware and the NMH through the E1/T1 ports of the embedded hardware, so as to make it boot through E1/T1. Further, the NMH possesses only an Ethernet port. Just to refine my question, I'd like to know what additions I need to make on my NMH: maybe I have to add an E1/T1 port, or is it possible that the E1/T1 port can be directly connected to an Ethernet port on the other host?

Pardon me if I am not making absolute sense here, as my knowledge is limited on Layer 1 and Layer 2.

Programming :: Create A Message Forwarder Program That Receive A Message On Port A And Pass It On T Port B?

Sep 6, 2010

We are trying to create a message forwarder program that receives a message on Port A and passes it on to Port B. Also receive a message from Port C and pass it on to Port D as follows.

[Code]...

General :: Iptable Rule To Open Samba Port?

Jun 15, 2010

I have Samba running on 192.168.100.209 and I am trying to open Samba ports only for hosts in the 192.168.100.0/24 network. I have added the following rules to iptables, but I am still not able to connect from machines in the 192.168.100.0/24 network.

Code:

iptables -A INPUT -s 192.168.100.0/24 -p tcp --dport 139 -j ACCEPT
iptables -A INPUT -s 192.168.100.0/24 -p tcp --dport 445 -j ACCEPT

What's wrong with the above rules?

Debian Configuration :: Creating Udev Rule For Specific SATA Port

Apr 19, 2011

I have a trayless SATA hotswap bay that is really terrific for quickly attaching and removing SATA hard drives. I'm trying to write a udev rule to create a symbolic link to the device node for the drive that is attached through the hotswap bay (/dev/bay -> /dev/sdX). This eliminates any ambiguity when performing destructive tasks (fdisk, etc). I'm running squeeze amd64. I've read through several tutorials and have it working somewhat. Here's the output of udevadm info for a drive attached via the hotswap bay.

looking at device '/devices/pci0000:00/0000:00:11.0/host7/target7:0:0/7:0:0:0/block/sdb':
KERNEL=="sdb"
SUBSYSTEM=="block"
DRIVER==""
ATTR{range}=="16"
ATTR{ext_range}=="256"
ATTR{removable}=="0"
ATTR{ro}=="0"
ATTR{size}=="156301488"
ATTR{alignment_offset}=="0"
ATTR{capability}=="52" ....

Here is my udev rule
DEVPATH=="/devices/pci0000:00/0000:00:11.0/host7/*", SUBSYSTEM=="block", SYMLINK+="bay%n"

This produces the desired behavior and gives me an fdisk-able device node. The problem I am having is that the "host" component of the DEVPATH varies from bootup to bootup. I'm just using the onboard SATA, host2-7, specifically host7. There is also onboard PATA, host0-1. It seems to just be random which "host"s are assigned to which controller. For example, the next time I boot the system, the onboard SATA will be host0-5 and the onboard PATA will be host6-7. In this simple case, I could just write 2 rules, one for each possibility, and it would still be correct because of the different PCI addresses of the two controllers. But on systems with more SCSI (uh... libata, actually) controllers, a "host" file can point to different physical ports between bootstraps. This would be bad. Does anyone know of a way to write a rule to tie a device node to a specific physical SATA port on the motherboard/HBA?

Ubuntu Security :: Drop Igmp Port 0 Packets With Iptables Rule?

Jan 3, 2011

How can I drop IGMP port 0 packets with an iptables rule? My log file is full of this router advertisement.

Server :: Command For Iptable Rule To Add In Chain RH-Firewall-1 To Block Ftp Port?

Mar 10, 2011

Tell me the command for an iptables rule to add in chain RH-Firewall-1 to block the FTP port. The FTP server was configured on a public IP address. I searched on Google but I didn't get the exact command for an iptables rule in chain RH-Firewall-1.

Networking :: Keep Some Port Out Of The Scope Of A VPN Connection ?

Oct 31, 2010

I have a server (192.168.1.9) in my network that is running an HTTP server on port 5000. This server port has been opened (on my router 192.168.1.1) to be available from my public IP (on port 80).

I have recently installed openvpn to connect to a vpn, but I'd like to keep my http server available from my public IP (no need to have it available to the VPN network).

I'm completely lost and I don't know where to start ...

Here are some details about the route configuration :

Code:

Networking :: SSH Connection Refused Port 22?

Mar 4, 2011

I get a connection refused error whenever I attempt to connect to a remote ssh server, I tried the test at and it says outbound ssh port 22 is not being blocked. I'm wondering what else could be the problem.

Ubuntu Networking :: Port 22:connection Refused With SSH

Dec 21, 2010

Having a port 22: connection refused problem with SSH. None of what I have read has been what I have been experiencing, so I figured I would post here. The worst that could happen is this gets completely ignored, or I am told that there is already a solution, that I missed it, and directed to it. Here is my problem:

Just learned how to ssh into my machine a few days ago. Everything has been running smoothly until I ran into a little problem: all of a sudden I can't connect anymore. I have sshd-server installed and updated. I have sshd turned on

Code:
/sbin/service sshd start
And I even ran:

Code:
/etc/init.d/sshd start
Because I was told that it would start ssh from boot. Nothing has changed from today and yesterday and I haven't been having problems with port 22 being blocked.

I have also tried to ssh into the machine by the machine itself:

Code:
ssh <IP of machine>
with the same error.

Networking :: Ssh: Connect To Host 192.168.1.11 Port 22: Connection Refused

Dec 11, 2010

I cannot use Grsync from Ubuntu Desktop to a PCLinuxOS laptop. The 2 computers can ping each other. I have disabled both firewalls. My laptop IP address is 192.168.1.11. This is the error on Ubuntu Grsync:

ssh: connect to host 192.168.1.11 port 22: Connection refused
rsync: connection unexpectedly closed (0 bytes received so far) [sender]
rsync error: error in rsync protocol data stream (code 12) at io.c(601) [sender=3.0.7]
Rsync process exit status: 12

On PCLinuxOS it won't say Ethernet is connected when trying a static address setup. However, it does connect to the internet via auto Ethernet setup and a LAN cable. It then says connected. In order to use SSH and Grsync, what programs are required? I have these installed on both machines: grsync openssh-client openssh-server

Networking :: Internet Connection Share Via Serial Port

Oct 20, 2009

Hello. I want to use my Debian box as an internet connection for a Win95 laptop. The laptop is old enough that the only port I have available to connect to the internet from is the serial port. I have heard that a serial port redirector will allow it to access the internet through my Debian box, but I have no clue how to set one up. Any advice? Thanks.

Networking :: Ssh - Connect To Host 10.137.216.170 Port 22 - Connection Refused

Jun 15, 2011

I am having trouble using scp from the server to my local machine, whereas vice versa is working fine.

The error is like below.

lost connection

Fedora Networking :: Ssh: Connect To Host 192.168.1.100 Port 22: Connection Refused

Nov 27, 2010

I have my desktop computer (running F13) configured to accept ssh over port 22 via the firewall configuration tool. If I type ifconfig -a, this computer, which is running on my wireless network, tells me:

Code:

inet addr:192.168.1.100 Bcast:192.168.1.255 Mask:255.255.255.0

However, if I go to my laptop computer (also running F13) and try and ssh into the desktop, i.e. ssh icthy@192.168.1.100, I get this response:

Code:

ssh: connect to host 192.168.1.100 port 22: Connection refused.

I guess I am confused as to what is blocking the connection. Is there another means on F13 other than the default firewall? I haven't really messed with the network at all. For what it's worth, I am hoping to set things up so I can just ssh into the computer name (ssh icthy@desktop) eventually, but want to start with the IP. So, can anyone offer a hint as to what I can look for that is blocking port 22?

Ubuntu Networking :: NX Client - Ssh: Connect To Host Port 22: Connection?

Jul 29, 2010

I have a Windows machine on which NX Client has been installed. I wanted to test if I could access my Ubuntu box. The Ubuntu Box has NX Server, Node and Client installed. When I try to log in from the Windows machine using NX Client with my Ubuntu username and password I get an error connection refused.

The following service is running: OpenBSD Secure Shell server sshd. How can I resolve the issue?

Ubuntu Networking :: Redirect Port 25 To A Remote Machine Via A VPN Connection

Feb 19, 2011

I have had a look at the information on the Ubuntu forum about this but am having trouble getting the server to do what I want it to do.

I have a VPS running Ubuntu 9.10 and I am trying to set it up to redirect port 25 to a remote machine via a VPN connection (remote machine connected via VPN).

I have tried setting this up in the firewall using Webmin but it is not working.

Networking :: TC - Limit The Connection From Source Port 6001 To 30KB/s

May 17, 2010

I've searched through the forums and found a few threads that kind of helped, but I'm still pretty lost when it comes to TC. I'm trying to do and also break it down and explain what each part of the command does so that I can learn along the way. What I'm trying to do is limit any connection from source port 6001 to 30KB/s.

I'm currently running a game server and it has no built in bandwidth limiting feature, which means if someone logs in and needs to download the map it destroys my bandwidth for the rest of the servers players. The game server is running on port 6001.

Debian Configuration :: Port (exp. 1001) Have 20 Connections That The Next New Connection Forword To An Other Port (exp.1002)?

Jul 15, 2011

I want it so that if a port (e.g. 1001) has 20 connections, the next new connection is forwarded to another port (e.g. 1002).

Software :: Pass ALT Over Ssh Connection?

Dec 20, 2010

I'm using SecureCRT (aka PuTTY) to connect to a CentOS server. To establish the connection I use xterm. The problem I'm looking for a solution to is that I can't use <ALT> to pass the shortcut commands to the app (on the server) because they get intercepted by Windows. Is there a way around this?

Ubuntu Security :: Set A Rule In Iptables, Does That Rule Also Apply To Ipv6, Or Just Ipv4?

Jul 16, 2010

Question (and Google results aren't making this clear): Ubuntu has both iptables & ip6tables installed.

1. If I set a rule in iptables, does that rule also apply to ipv6, or just ipv4?

2. If "no" to above, then it would be prudent to *also* set ip6tables rules as well if I want to maintain an active firewall, correct?

3. Do ip6tables rules have the same syntax and behavior (more or less) as iptables rules - i.e. can I just copy my iptables rules & change "iptables" to "ip6tables"?

4. Any gotchas or issues that I should be aware of?

Red Hat / Fedora :: Netcat / Port Redirection - When A Connection Is Received On A Port Say 123?

Apr 6, 2010

I am running ncat (netcat's new version from nmap) on CentOS. I am listening on different ports. My question is: is it possible that when a connection is received on a port, say 123, I redirect this connection to a different port and use port 123 again for listening for connections? ncat has an option -k which you can add with -l; it will forcefully listen on the port. It can accept multiple connections on a single port, but I want that once a client connects to port 123, he is forwarded to some other port and is no longer on 123.

Ubuntu Networking :: Telnet To Port 25; Connection Refused For All But Local Host

Jan 12, 2010

I can telnet (while on the actual machine) using

Quote:

telnet localhost 25

When I try and use the local machine's ip

Quote:

telnet 192.168.100.9 25

I get

Quote:

Trying 192.168.100.9...
telnet: Unable to connect to remote host: Connection refused

[Code].....

This last one is strange as the IP looks odd.

What am I doing wrong, and how do I fix it? After much surfing, many posts say that telnet is not used anymore, but I want to use it to test my SMTP server.

Ubuntu Networking :: Router : No Connection After Modifying Port Forwarding Settings

Sep 2, 2010

What I have: Belkin G Wireless Router Model F5D7234-4. To attempt to get Subsonic working, I changed the port forwarding settings (Belkin calls it Virtual Servers) to forward port 4040 to my desktop computer. I then saved changes, and my wireless disconnected. I waited about 3 minutes, and nothing was happening, so I restarted my router. This left me in the position that I am in now. Even when the router and modem are fully booted, the router does not broadcast my SSID. In addition, a wired connection will not connect to the network through the router. This leaves me completely unable to use wireless, and unable to change any settings in the router.

Ubuntu Networking :: Ssh: Connect To Host Srv3 Port 22: Connection Refused

May 4, 2011

I have installed ubuntu 11.04 and I'm now trying to connect to existing SUSE servers on the LAN. My home directory has a shared NFS mounted home on the SUSE servers while my home on the ubuntu machine is local. I can log in using ssh to all the SUSE servers except one. I get:

ssh: connect to host srv3 port 22: Connection refused

If I use the IP address of srv3 directly it works. Also, before I changed the default machine name ("ubuntu") I could log into srv3.

nslookup srv3 works OK.
ping srv3 works OK.

Even if I completely delete the .ssh directory in both my ubuntu home and in my shared home on the SUSE servers I still cannot log in using the srv3 name; only the direct IP address works. I'm thinking that the login I did to srv3 before I changed the machine name for the ubuntu machine must have goofed up something.


Copyrights 2005-15 www.BigResource.com, All rights reserved