Networking :: Outbound Connections Not Working When Firewall Enabled - Opensuse
Jan 17, 2011
I have a problem on a VPS running openSUSE. When I enable the firewall, outbound connections stop working. I have tried everything I know (not much when it comes to firewall (iptables)) but could not solve this.
Here is my ifconfig:
Code:
I used xxx.xxx.xxx.xxx to hide the real address.
Oct 19, 2009
I'm having a problem that seems to plague a lot of people judging from my research on the web. I have a hosting provider that limits the number of incoming connections to the shared host to 50 per IP.
I have a single IP for outbound connections and I use Squid as a proxy server.
Lately I've tripped across the 50 connection limit frequently - and that's with only 1 user. It seems the problem is related to the performance you can get out of a desktop these days. It's not impossible to have several browsers open with several connections to different sites on the same server - and boom - locked out!
So it occurred to me that there must be some way to limit the number of outbound connections in the kernel - but I've not found it. I did find that Microsoft had been limiting the number of outbound connections in XP to 10 to address the virus problem, and I've found countless hosting complaints and dialog on the subject with no easy solution.
So my question is simply, does anyone know how to limit the number of OUTBOUND connections to a single IP in the kernel?
Jun 2, 2011
I'm having an issue where a server in CA (1000/full) and in VA (100/full) have very lopsided data transfer.
CA -> VA with iperf shows ~20Mbps
VA -> CA with iperf shows ~93Mbps
If we change the CA server to 100/FULL, transfer speed is 93Mbps both ways.
Some tuning was done to TCP window scaling parameters, but it won't correct the issue, just improve the CA -> VA numbers to what is listed above. I will say, turning TCP window scaling OFF will lower the transfer speed both ways to < 20Mbps.
The only clue I have when looking at wireshark dumps is that the window scale going OUT would never go past 10240 (scale is 8, so 2^8 x 40 bytes). In the opposite direction, the window size will go above 3MB (scaled).
It is not a bandwidth problem as iperf with UDP shows 93Mbps both ways. Local transfers (CA 1000/full to CA 100/full) show full speed both ways, so I feel it is strictly related to TCP window scaling.
RedHat 5 64-bit on both sides. Any ideas why it won't scale above 10240?
Nov 21, 2010
(centos 5.5 86*64 with cpanel) I am trying to set up a php script.
The script requires an outbound connection to project honeypot and when I go to the honeypot.php on my server I get an error asking if outbound connections are disabled.
They could be...I am not sure where to check, I have checked csf and outbound tcp is allowed on port 80, but I am not sure if I should be looking somewhere else.
Obviously I don't want to make the server insecure, so I am wondering how I can allow this outbound connection.
Jul 6, 2010
When I enable my ufw it completely shuts me out and I have no internet connection. When I do:
Code:
sudo ufw status numbered
I get:
Status: active
     To                         Action      From
     --                         ------      ----
[ 1] 80                         ALLOW IN    Anywhere
[ 2] 80                         ALLOW OUT   Anywhere (out)
But I need to disable my ufw in order to reconnect back to the internet. Why is that? Don't the above rules indicate that I should have inbound and outbound traffic even if my firewall is up?
Aug 24, 2010
I wish to prevent some programs from "phoning home", and to allow other programs to access only specific web servers. Is there any way to interactively allow or decline outbound communication from individual programs on Ubuntu?
Feb 28, 2011
I want to prevent code from making http connections to other, specific hosts. My understanding is this can be done in /etc/hosts.deny. What would that look like?
Jul 23, 2011
What should I do to keep important files on my computer from being uploaded to the internet? Don't I need an outbound firewall to prevent this?
What causes my computer to send an outbound request to the internet that would result in files being uploaded from my computer onto the internet? I'm afraid to put anything of importance (like reports that I've written for work) onto a computer with internet access because I don't want them to be uploaded to the internet. I wouldn't upload them on purpose obviously, but I'm afraid it would happen without my knowledge because I don't know what I'm doing.
Dec 18, 2010
Using Windows, I always set a Restrictive firewall policy with a third party firewall. But I also had all ports set to Stealth, something that appears to not offer any security benefits (as I've learned from reading Ubuntu forums). I'd like to learn about best security practices (under Ubuntu) for outgoing firewall protection. I will be using the built-in Ubuntu firewall that is configured via Firestarter. Outgoing filtering offers privacy as well as security benefits. But I thought I needed my ports stealthed to be safe too, so I'm open to learning new things.
I wanted to start a poll to find out how many folks use permissive/restrictive, but no polls allowed here apparently. Could Ubuntu users knowledgeable about firewalls enlighten me on whether I should go Outbound-Restrictive and what applications I will need to allow so Ubuntu "housekeeping" is not affected negatively? I basically just use the internet for software updates, web-surfing and e-mail. One question I have is whether there is something comparable in Ubuntu to Windows' "DNS Client" service? I always disabled Windows' "DNS Client" and forced each application to request port 53 DNS lookups itself. I only had to allow four programs to accomplish all internet traffic that I engage in. I set all other programs/applications to be either Blocked or to have to Ask for an outgoing connection as needed. Here is my former Windows XP setup:
svchost.exe: allow UDP for ports 53, 67, 68, 123 (time) and TCP for ports 80, 443
Avast: allow UDP for port 53 and TCP for port 80
firefox: allow UDP for port 53 and TCP for ports 80, 443
IE: allow UDP for port 53 and TCP for ports 80, 443
Aug 8, 2009
I want to write a custom rule to allow all connections to the ip addresses on my local network (192.168.2.2 through ...99) but I don't know how. I know adding a custom rule asks me to read a file and put it in "iptables" format, but I don't know how...
Jul 4, 2010
I am still new to Ubuntu and I use Firestarter as my firewall tool, and I was told that it's just ufw in a GUI. Well anyways, I noticed a connection to 174.129.241.144 using https and python. I didn't have any scripts running and my browser was closed. I read the man files for ufw and it said to do something like deny from 174.129.0.0/12, and I want to block all incoming and outgoing connections to this IP range and I was wondering how to do that. I heard of iptables, that it would be able to do this, but I don't know anything about it. What should I learn so I can handle these kinds of situations in the future, and how can I block this IP subnet? Also, what do the /8, /12, and /16 stand for?
Jul 26, 2010
Samba is working correctly if SuSEfirewall2 is off. I have added Samba client and Samba Services for external access, but Samba is not working when the firewall is now on. Which services should I also add?
Aug 11, 2009
I'm running Jaunty. For some reason, I cannot run Pogo games when the firewall is enabled. I've tried allowing "direct play gaming", thinking that might help, but it didn't. So I guess I need a custom protocol. What ports does Pogo use so I can allow them? Hopefully someone knows... and yes, I do have Java. Pogo works if I turn the firewall off. Also, Ktorrent does not work either. I happen to know the ports this one uses, but when I make the protocol, it still doesn't allow torrents to run. The ports I'm trying are 6881 and UDP 4444.
Nov 19, 2010
I am establishing an ad hoc connection between two PCs:
1. LAPTOP: WIFI adapter OS: Ubuntu 9.10 Connection name: trial Address: 192.168.1.36 Subnet: 255.255.255.0 Gateway: 192.168.1.1
2. PC with wired Internet connection + WIFI adapter OS: Windows XP Connection name and parameters same as above except ip: 192.168.1.40
I can see trial is getting connected with excellent strength. When I try to run the Internet on Ubuntu it is not working. The firewall is not active and the router is enabled.
Dec 5, 2010
I am using the routing multiple upstream providers solution available on internet using iproute and gwping script. It works great but the problem I am facing is;
Code:
ip route add 192.168.15.0/24 dev eth1 src 192.168.15.2 table ptcl
ip route add default via 192.168.15.1 table ptcl
ip route add 192.168.16.0/24 dev eth2 src 192.168.16.2 table nayatel
ip route add default via 192.168.16.1 table nayatel
[code]....
Apr 24, 2010
I'm a long-time Windows user and just installed Ubuntu 9.10 and have heard that I don't need any antivirus or spyware program on it. Also, is the firewall enabled by default, if there is one? And last thing: do you need to do things like disk clean and defrag, and if so, how?
Sep 5, 2010
I am using 9.10 Karmic. The firewall is enabled. I added ports with ufw allow [portnumber], and I still cannot connect to a port number. I've tried ufw allow ssh/tcp but that does not work. The ports work when I disable the firewall and I don't want to do that.
ufw is available in all new installations of Ubuntu since 8.04 LTS, but is disabled by default. The standard Ubuntu installation has a no open service ports policy, so enabling the firewall by default doesn't gain any extra security in the default installation, but could provide confusion for people new to Ubuntu when new software that is installed does not work because of restrictive firewall rules. As a result, when first adding ufw to Ubuntu it was decided that users must 'opt-in' to using the firewall. In Ubuntu 9.04 and later, you can enable ufw during installation using preseeding. See /usr/share/doc/ufw/README.Debian for details.
Apr 3, 2011
I have installed the graphical user interface for iptables and enabled this firewall. However, I find it a bit strange. What is the difference between rejecting and denying the traffic? If I want to configure iptables as two-way, how can I define which of my apps can connect to the internet and which can't? If this firewall is enabled, does it really run in the background, protecting the user, or does it run only when its GUI is opened?
Oct 2, 2010
I have noticed an interesting problem. I use two browsers - Firefox and Konqueror. Konqueror is configured to use Tor, Firefox is not. Using Gufw I block all incoming and outgoing traffic and it works while using Firefox, I mean that I can't view any www site and it is ok. But if I use Konqueror I can establish any connection. How to understand this? Should I have a different firewall while using Tor?
Jan 4, 2011
I know that GNU/Linux does not need a firewall (due to iptables), but I would like a basic firewall that would watch incoming and outgoing connections. I would prefer it to have a tray icon and be able to run as a regular user, such that I can add it to my .fluxbox/startup file. Anyone know of any good ones? They don't actually have to interface into iptables (because I would do that myself), but if they do it would be a bonus.
Aug 3, 2011
I run ubuntu on home pc and am very happy with it. I use internet to surf and to see my email on gmail.com etc. What commands should I give to setup ufw firewall so that only this much is allowed? Also, where can I see if some other connections have been blocked?
Apr 7, 2010
I have the latest Ubuntu (9.10) desktop. My 2 cards are:
WiFi: Intel(R) Wireless WiFi Link 5100
Ethernet: Marvell Yukon 88E8072 PCI-E Gigabit Ethernet Controller
Is there any way to get drivers working? My hardware switch is on and I have Ubuntu 9.10 running persistently on my USB so I can download the drivers etc. and install them.
Jun 8, 2010
I'm running a Source Dedicated Server on my Ubuntu laptop, and to connect to it via external IP from other computers in the network I need to enable loopback in my router. This was working fine, but then I disconnected my laptop for a few days, and when I came back the wireless stopped working on my Xbox. I reset the router to factory defaults, and then set up everything again. It was all working fine until I enabled loopback again and power cycled my router. Now every time I do that, the internet on Ubuntu stops working and the wireless on the Xbox stops working.
Edit: You can ignore this I guess. It seems I was actually DISABLING loopback by enabling that router option, which I guess caused this. Strange, because the first time enabling this option was the only way to get my external ip to work. Oh well, everything is fine now.
Mar 5, 2010
I have a machine that I'm trying to setup as a reverse web proxy. It will have two NICs, eth0 will face the public network, and eth1 will face the "internal" network (connects to a switch that goes out to the other web servers that are statically assigned a private IP address).
When both interfaces are started, I can ping hosts on the 1.2.3.0 network and the 192.168.10.0 network without problem when doing so by IP, but if I try to run a ping or nslookup command with a DNS name, it does not work. I've tried commenting out my entries in /etc/resolv.conf and adding the DNS entries in the /etc/sysconfig/network-scripts/ifcfg-ethX files directly (DNS1=x.x.x.x and DNS2=x.x.x.x), but the results are the same.
May 4, 2011
I just remotely updated my uncle's Ubuntu 10.10 desktop to 11.04. My uncle has no computer skills, so it is very important that I troubleshoot his problems using VNC. After completing the 11.04 upgrade, I was not able to connect to him via VNC. After some fiddling around I was able to connect by turning off the confirmation option in the Security section. We are now using the password security option. The problem is that my uncle does not have any security against my peering eyes.
I tried reinstalling Vinagre, but that didn't help. Is it possible to get the confirmation option working again somehow?
Is there a download link for Vinagre 3.01 (deb)?
Feb 20, 2009
I'm running on Ubuntu and I've successfully set up Apache alongside a working PHP & MySQL configuration - other computers connected to the LAN can access it by typing in my IP: 192.168.0.9. However, I would like my webserver to be accessible by all internet users... I've got my ports.conf file in the Apache setup to listen on ports 80 and 8080. This is my ports.conf:
PHP Code:
Listen 80
Listen 8080
Listen 2000
[code].....
Sep 28, 2010
I have managed to get iodine working between my ubuntu intrepid box and my windows client with a caveat.
The firewall rules allows DNS queries inbound. The client tunnel endpoint gets assigned an IP address and the tunnel is established properly.
However when I try to ping from the client machine, the reply packets are not coming back.
I used TCPDUMP on the Ubuntu box and watch the dns0 tunnel interface, and noticed that the packets are reaching the Ubuntu box from the client, but I don't see ANY ICMP echo replies until I turn off the firewall from Firestarter.
I see that the outbound access rule is to allow all.
Mar 14, 2011
Looking at the output of netstat, I'm not seeing a definitive way to tell which torrent connections are clients reaching in to my machine vs my machine reaching out to the world. Is there a clear way to determine which is which?
Mar 25, 2011
I suspect this is an initial configuration bug. All firewall logs seem to be going to all three files. That causes a lot of clutter in the log files, and makes it difficult to see whether there are any serious problems being logged.
Aug 17, 2010
Is there a way to configure my interface to promisc mode and also make it not capture the "transmitted" packets? I mean, I want the interface in promisc mode but only for inbound traffic. If there isn't any using ifconfig, can it be done by configuring eth0 to promisc using ifconfig, and filtering outbound traffic from being captured using sockets or something?