I want to find out which server/service a streaming box connects to and maybe also take a look at some packets. The box connects to the Internet via a Linux gateway running Debian I have root access to. I have some basic knowledge about iptables, tcpdump, netstat etc. but couldn't yet figure out how to get this info.
My first approach was with netstat, but this traffic seems not to be visible (which somehow makes sense to me). My next guess was that with iptables it should be possible to log these connections; however, I couldn't yet figure out how to.
I'd like to configure iptables to make sure I can only access the internet through an OpenVPN connection (so when the connection is down I have no way to access the internet but to connect to the VPN again).
I know how to do this with Firestarter (restrictive outgoing policy and I only allow the VPN server IPs), but Firestarter seems to be stupid: for some reason eth0 was changed to eth1 and Firestarter can't work properly anymore. Even though that could probably be fixed within Firestarter, I'm no longer interested in this program and I'd rather know how to apply the same policy using iptables.
I've tried a few things already but it failed each time ... how can I effectively allow my computer to connect to the VPN while everything else is blocked?
Client which uses an ISP with a Linux machine (Server 1) with two network cards: eth0 with IP 1.1.1.2 and gateway 1.1.1.1 (these IPs are not public IPs and fall under the ISP's internal range), and eth1 with the internal IP range. OpenVPN listens on eth0 for incoming connections. We want to connect to Server 1 from external networks. Due to different reasons the ISP could not get the routing sorted and give us a public IP on their network. We had to set up another box (Server 2) with eth0 2.2.2.5 and gateway 2.2.2.1 (which are public IPs) and eth1 with IP 3.3.3.5. Server 2 can communicate via the ISP internal network with Server 1. I use DNAT to forward all incoming connections on Server 2 to Server 1, but the problem I have is that Server 1 uses its default gateway for the return packets and does not send the reply back to Server 2. My iptables rules look as follows on Server 2.
So far this works perfectly. What I want to do now is to add another rule that only nats the machine in case it is NOT accessing subnet 1.
In other words, when this machine accesses any other machine in subnet 1, it should show up as 10.1.0.10. Whenever it accesses subnet 2 or anything else, it should appear as 172.16.0.10.
I am a user of Ubuntu 10.04 and I use Firestarter because it lets me know which IPs I am connected to, which ports are used, and which applications are using those ports. The problem is that I can't use Firestarter with my non-sudo account (well, I know that I can change my system settings to do that, but I'd rather not do it).
So the question is: Is there any application that lets the user monitor the internet connection?
After editing my network connection's gateway setting to 192.168.1.1, I get back 0.0.0.0 when I run nm-tool. I'm using Ubuntu 9.04 set up on my VMware server.
I have tried to configure my iptables to allow only HTTPS connections to the internet. Unfortunately, I didn't get that to work. I configured it like this:
Quote:
    iptables -P INPUT DROP
    iptables -P OUTPUT DROP
    iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A OUTPUT -t filter -p tcp --dport 53 -j ACCEPT
    iptables -A OUTPUT -t filter -p udp --dport 53 -j ACCEPT
[Code]....
Of course I am only trying to access websites via HTTPS. Still, I was wondering if HTTPS somehow under the hood requires the HTTP port to be open, or if my rules are in some other way wrong.
I'm having problems with hackers from across the globe trying to get into our servers. Why? I have no clue. There is nothing of value in my servers worth getting.
Right now my service only does business with USA. So I'm trying to find a way to block all Non USA traffic. I called my hosting provider and they are unable to help. Said it was up to me to do this.
Well, I've already taken care of the TCP Wrappers by spawning a small C program I made that uses MaxMind's GeoIP system to automatically deny access. Now I need to do something about all the other network connections that come in to services that do not use the TCP Wrappers.
So I was wondering if iptables has a way to spawn a subprocess like TCP Wrappers, or if there is any other firewall software out there for Linux that would let me achieve my goal.
I'd like to add a high-availability feature to the firewall (iptables) and OpenVPN service I'm running at my job. My project is two firewall boxes in an active/passive configuration, and, if possible, syncing the connections' states. I started reading on heartbeat and I'd like to hear some advice and clear up some doubts: for the config I'm planning, is the heartbeat service enough, or would it require a CRM service such as Pacemaker?
I was running Ubuntu 8.10 on what used to be a server and is now serving as a stand-alone Ubuntu machine. It's got an MSI motherboard with a Pentium 4 3.2 GHz processor and 2 GB RAM. The video card has DVI and VGA outputs, and this is where the problem begins. The monitor is a Gateway FPD 1500 1024x768 flat panel and originally appeared not to be supported by Ubuntu, but I discovered that if I simultaneously connected both the flat panel via DVI and my shared VGA monitor (the VGA monitor serves another Linux box and an old Win 98 machine via a switching box), I could get the display to first show on the VGA and after login it would appear properly on both. But as support for 8.10 is ending, I upgraded to 9.10 via the update manager.
Now if I try to boot up using either the DVI Gateway flat panel alone or with it and the VGA connected, the machine hangs after login. However, if I disconnect the DVI Gateway monitor, the machine boots normally. Obviously, the necessary driver was removed during the upgrade, but I can't find an Ubuntu driver for this monitor and connection type. Does this mean I am stuck with it like this? I would prefer to use the flat panel as the picture is easier on the eyes, and the VGA monitor is needed for other machines. I also tried a DVI to VGA adaptor and it wouldn't work, meaning the monitor is DVI only.
I have openSUSE 11.2 installed and I need to create a gateway server that allows virtual private network connections. I want to play some LAN games with my friends, but we are in different networks, so I want to create this gateway server so we can connect with VPN clients to this server and play freely.
I have a server that I can only access via SSH (it's located far away) and I would like to secure it by blocking all ports except the ones that I need (which are HTTP and SSH). I still want to be able to make outgoing connections to enable software updates and other things. This is my iptables -L -n:
Code:
    Chain INPUT (policy ACCEPT)
    target     prot opt source               destination
    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
    DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpts:1:21
    DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpts:23:79
    DROP       tcp  --  0.0.0.0/0            0.0.0.0/0           tcp dpts:81:65535
code....
In my opinion, this should block all incoming packets except the ones on port 80 and 22, but allow responses to outgoing connections. But a wget http://google.com does not work, it can't establish the connection.
Maybe this is not the best style for iptables rules, but I want to be absolutely sure not to accidentally lock myself out of SSH, so I chose not to configure a "block-everything rule".
Does this configuration not enable incoming packets from connections initiated from inside?
For Windows, ZoneAlarm will pop up a window when someone attempts to connect to a port on your computer. Is there a GRAPHICAL utility like that for Fedora/Linux? Not command line (ss, tcpdump, etc.).
I have a problem with my network-manager in Ubuntu 10.10. When I dial one of my VPN connections, my other VPN connections get disabled and I can't use them! I tried to restart network-manager and gnome-panel, but it doesn't seem to solve this problem.
I am trying to get a Linux machine (Slackware 13.37) working in a Windows networking environment. The IT support for this organisation does not extend to Linux support, so I'm limited in what help I can get for this.
I'm trying to get to the point where I can get to the internet to download what I need on this Linux machine.
The situation is this (fictitious addresses used): My Linux machine uses a fixed IP address (10.100.150.21). My Windows machine uses a DHCP-assigned IP address (10.100.150.213). Both the Linux and Windows machines are configured to access the gateway server (10.100.150.1). So, I can ping the Linux machine from the Windows machine and vice versa. I can ping the gateway machine from the Windows machine. I can browse Windows shares on the network via SMB from the Linux machine. I CANNOT ping the gateway machine from the Linux machine, with "Destination Host Unreachable" being the error message.
For actual internet access I need to access a proxy server, but since the Linux machine can't even ping the gateway server, it fails to ping the proxy. Now, I have been told the gateway is a hardware-based router, and for Windows machines they use some software for authentication to connect to the network. This software isn't available for Linux, so that's why I've been told to use a fixed IP address. My experience of networking is pretty basic and most of the Linux setup is done via running Slackware's setup program.
Is it fair to say that connlimit and hashlimit are very similar on Linux, i.e. while hashlimit caters to limits for groups of ports, they both set the connection rate limit per host? How, in iptables, do I configure a policy that limits connections on a port that encapsulates the total sum of all connections from all hosts? I.e. I do not want to allow more than 6000 conn/minute for a port range, as the sum of all connecting hosts?
I recently installed Fedora 15, and during installation I set up the internet connection manually, then did an update, and after reboot the internet connection settings had been removed. Now I cannot set it because the network connection in Internet Connection is inactive. I should mention that before the update the internet connection was functional.
I have a server with IP address 192.1.9.10 and I want to define two gateways with IPs 192.1.9.4 and 192.1.9.254 on it, but I don't know how I can do it. I don't have professional knowledge of Linux.
I've rented a server from a German data center. They use a single IP as their gateway that is not in the range of my server's IP. Strangely, the server is working well, and when I use the 'route -n' command the gateway, which is in another subnet, appears properly. /etc/sysconfig/network contains no gateway IP and I don't know how they set the default gateway, since after reboot the gateway is the same; also the IP is static and there's no DHCP. I need to know how they did it so I can do the same on my VPSes.
I have 2 LAN cards: eth0 connected to the local LAN, eth1 connected to a BSNL broadband connection. I have CentOS 5.3; here I configured broadband in dial-up mode. I am unable to ping the outside world and unable to access some sites, but I am able to access internet sites like Google etc. The config file is as:
I have one scenario: I want to use my Linux PC as a residential gateway. I have only one NIC connected to my PC (I cannot connect more); to handle this problem I am using a switch. All the devices including my PC are connected using the switch (please refer to the attached file). I am not sure how I can achieve this. I am familiar with NAT and DHCP but do not know whether this is possible in this case?
Neither of my wired network connections is listed in the network manager applet. I know that networking seems to be functional since I can ping local devices on the network. I can't resolve DNS names, however. I suppose this is because network manager usually handles DNS? I've posted the outputs of various configurations below.
Code:
    /etc/NetworkManager/nm-system-settings.cfg
    # This file is installed into /etc/NetworkManager, and is loaded by
    # NetworkManager by default. To override, specify: '--config file'
    # during NM startup. This can be done by appending to DAEMON_OPTS in
I have a gateway computer that I've been trying to fix up - whenever I try to install Windows XP/2000/Ubuntu, it finds a bunch of errors. I'd really like to get this computer working, it has a 300GB HD, TV inputs, USB ports out the wazoo, and all that other good stuff. Can someone help me with what to do or have a suggestion on what to replace?
I have formatted the hard drive (the Windows installation did it). The Windows installation gets to the point where it's copying the installation files to the disk, then it gives me an error that it can't find/can't copy the file. The Linux installation just gives me cryptic errors before it even does anything.
I just want to get it to a point where it's usable; I really don't care what operating system.
FTP is not working through a gateway and I think I found that I need to modprobe ip_masq_ftp. However, when I do try to load ip_masq_ftp I get the error: FATAL: Module ip_masq_ftp.o not found. My question is: how do I get ip_masq_ftp? More questions: Do I have to build a new kernel? If I do need to build a new kernel, do I just include the ip_masq_ftp module or are there other modules that I need?
What I need to do is set up a gateway with 2 red networks, the reason being that one is my internet connection and the other is my bDSL connection for our IP phone system, and I need an IP range of traffic routed to the bDSL rather than the internet. I can do this on individual PCs, but I'd like to do it at the firewall level so I don't have to configure each machine on the network.
Basically I want all traffic to go to the internet except for, say, 203.x.x.x, which I want routed to the bDSL router and let it handle it. I've done some reading and it seems IPCop and Smoothwall can't do it, so I was hoping with some tricky work maybe I can get Ubuntu to do it for me.
I can ping my IP and other PCs in the same LAN, but I CANNOT ping the gateway on my Ubuntu 10.04 LTS. Another PC in the same LAN (Ubuntu 10.04 LTS) can ping the gateway and my IP. I thought that (1) the network cable is OK because I could ping the other PC in the same LAN; (2) the gateway is OK because the other PC could ping it; (3) the setting of the operating system might be somehow wrong.
I have tried to restart the network several times and it still does not work. I followed the HOW-TO debug tips and the following are the results. Any suggestions?
I am coming across a strange error with my gateway. When I do a "ping", this is what I get below:
    k-63a5b848c6cb4:~ # ping simba
    PING simba.gateway.2wire.net (192.168.1.69) 56(84) bytes of data.
    64 bytes from k-63a5b848c6cb4 (192.168.1.69): icmp_seq=1 ttl=64 time=0.041 ms
    64 bytes from k-63a5b848c6cb4 (192.168.1.69): icmp_seq=2 ttl=64 time=0.029 ms
    64 bytes from k-63a5b848c6cb4 (192.168.1.69): icmp_seq=3 ttl=64 time=0.023 ms