I am using Linux version 2.6.18-8.el5xen. I have two nic card. One is configured as local block ip and another is configured with real ip. I can't ssh from outside (i mean on real ip) local lan. But i can ssh on another nic card which is configured as local lan ip. but somedays ago i could ssh from my home but now i cant. I stopped IPtables but still i cant.
View 3 Repliesi have just setup a firewall using iptables on centos 5.3 but there's an issue with ftp
i can connect and i can login when i give command "ls" it says entering passive mode
and afterwards it times out do you know why? i have port 21 open in my firewall but still....
I just installed webmin, then added the line for port 10000 into my iptables. I restarted iptables, but I still can't get to the webmin page on my server. If i stop iptables, i can connect to it. did i edit iptables wrong? could something else be blocking it?
# Firewall configuration written by redhat-config-securitylevel
# Manual customization of this file is not recommended.
*filter
[code]...
I am unable to restore my iptables from iptables-save after upgrading Fedora. I cannot get iptables-restore to work, and I have resorted to entering rules manually using the GUI.
View 2 Replies View RelatedIPtables creates an error during startup as well as when I try to restart it: Here's the output of:
[Code]....
I am going to start studying IPTABLES for Linux Firewall. Can any one suggest me the best Book for IPTABLES contains everything of iptables.
View 2 Replies View RelatedI am facing a strange problem witht my iptables as there are some firewall entries stored somewhere which is displaying the below firewall entries even after flushing the iptables & when I restart the iptables service then the firewall entries are again shown in my iptables as shown below,
[root@myhome ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
[code]....
I recently installed a new Ubuntu PC that runs iptables and PSAD. I had the same script on another Ubuntu PC, but when I copied the script onto the new PC, I got this error. I don't remember where I found the tutorial for this, all I know is that this is the script (Edited for my usage):
Code:
#!/bin/bash
# Script to check important ports on remote webserver
# Copyright (c) 2009 blogama.org
# This script is licensed under GNU GPL version 2.0 or above
[code]....
Safe.txt contains:
Code:
127.0.0.1
192.168.1.8
192.168.1.1
98.200.58.73
192.168.0.1
And the error message generated is:
Code:
root@NETWORK-SERVER:/var/ddosprotect# ./ipblock.sh
' not found.4.4: host/network `127.0.0.1
Try `iptables -h' or 'iptables --help' for more information.
' not found.4.4: host/network `192.168.1.8
[code]....
I am running Ubuntu server 10.10 and trying to setup iptables rules in /etc/if-up.d/iptables
Quote:
root@host# cat /etc/network/if-up.d/iptables
#!/bin/sh -e
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Problem is that iptables doesn't get updated and I don't see them when iptables -L is executed after reboot.
To expand: I'm trying to set up a box with l7-filter, and I need to patch and compile iptables 1.4.1.1 as part of the process. I ./configured it with the prefix= argument so it would install into /sbin instead of /usr/sbin, and I did a yum remove iptables before installing it so as not to get in the way of the original iptables, but I'm wondering if this is really necessary - it's kind of annoying, because removing the original iptables removes the init.d script, deregisters the service, etc. If I don't, is it possible that iptables 1.4.1.1 might get overwritten in a system update or something, or will yum see that I've got a custom/newer version in there and leave it be?
View 4 Replies View RelatedI have been struggling with this for a very long time now. I have installed Fedora Core 9 on my computer. I have set it up as a caching-nameserver and this is working.
Then I wanted to secure my server with iptables, and I have so far made this script:
# Load the connection tracker kernel module
modprobe ip_conntrack
iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
[Code]....
I can reach the dns server with ping. When trying Nslookup it says that it got SERVFAIL from 127.0.0.1 trying next server, and then it times out.
My resolv.conf file lists:
nameserver 127.0.0.1
nameserver DNS-server
To remove it, 238 packages have to go. There are so may the board won't even allow me to post them all. [URL]
View 14 Replies View RelatedIm pulling my hair out trying to get ftp to work through iptables.Im using vsftpd
Table: filter
Chain INPUT (policy DROP)
num target prot opt source destination
1 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
2 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
[code].....
i am forced to do a iptable configuration and the requrements are it shuld get connection from our dubai server (2or 3 static ips) also get connection from local static ip all other networks shuld be blocked what is these prerouting,postrouting&forward chains. is i need to configure that?
View 3 Replies View RelatedInstalled F12 a while back. Everything was working fine. Then I wanted to install perl-cpan, so when I run "yum install perl-cpan", or "yum update", it hangs on "Loaded plugins: presto, refresh-packagekit".
I've let it hang there for hours, nothing ever happens.
For the first week or so, Yum worked fine, I could manually update as I've done on other Fedora versions without any issue.
In the Gnome gui I have automatic updating disabled. As far as I can tell, yum-updatesd isn't running and isn't enabled. I wanted to update things manually for a while until I got this new box "settled in".
I know I can install cpan via other methods, but this strange behavior with Yum has me worried.
I ran all the "yum clean" commands, and now yum actually displays errors:
Trying other mirror.
I get these errors over and over.
I read up on how to edit the /etc/yum/fedora.repo and fedora-update.repo files to fix this, BUT, I have no such files...
This is what I have:
The other interesting thing is that my /var/log/yum.log is 0 bytes.
Yet the yum.log-20100101 is 209709 bytes and shows all the updates I did just a month ago...
Where can I download the repo files from? How can I fix the repository?
When I try "yum repolist" I get the same errors.
What i wanted to do was block everything from getting in my pc but still be able to surf the web and still use instant messenger.
View 2 Replies View RelatedOn Fedora 12 each reboot seem to reset my custom iptables rules I have manually added to/etc/sysconfig/iptables. My change are in /etc/sysconfig/iptables.old so obviously some process is removing them.
View 4 Replies View Relatedhow to let iptables to allow dns & dhcp distributions from the server to the clients only w/out exposing the port dhcp port udp 67,68 and tcp port 67,68 as well from the outside world.DHCP only uses udp, but still I also allowed tcp ports as well just to be sure & also I already allow DNS ports in the firewall w/c is not inluded below. linux newbie here,
when i issued the command below to allow those ports only to the internal network the firewall still blocking it. what seems to be the problem?? #iptables -A INPUT -m iprange --src-range 192.168.0.1-192.168.0.254 -p udp --dport 67 -j ACCEPT
[Code]...
I want to block the icmp packets(ping) from the other computer to my RHEL-4 what's the syntax I should use to do so in IPTABLES.
View 2 Replies View RelatedSo I am trying to block any SSH connection attempts on Saturdays and Sundays to be rejected. This is the command I have come up with.
iptables -A INPUT -p tcp --dport 22 -o eth0 -i virbr0 -days Sat,Sun -j REJECT
I have also tried many different ways to do this but nothing is working, I am always getting Bad Argument: 'Sat,Sun' error, also when I try to use --days it says it doesn't recognize it.
1: Did chkconfig --level 12345 iptables off (and ip6tables too)
2: Did system-config-firewall and unclicked enable
3: Rebooted:
Dang the stuff is still there:
--
# /etc/init.d/iptables status
Table: mangle
Chain PREROUTING (policy ACCEPT)
[code].....
I have blocked all connection with iptables and allowed only the loopback:
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
Next I want to allow only ssh connections, and also I want to record the IP address of each attempt to access port 22 using the recent module. Then I want to to see if that IP address has attempted to connect 2 or more times within the last 60 seconds, and if not then the packet is accepted:
iptables -A INPUT -p tcp --dport 22 -m recent --set --name ssh --rsource
iptables -A INPUT -p tcp --dport 22 -m recent ! --rcheck --seconds 60 --hitcount 2 --name ssh --rsource -j ACCEPT
iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --sport 22 -j ACCEPT
iptables -A INPUT -j DROP
iptables -A OUTPUT -j DROP
I enabled LDAP from the system>administration>authentication and have not had any luck with it working. I now want to turn it off and log back into my machine normally.
I logged into terminal as root and told it to change the config files back to the previous ones and now it will not let me log into any of my accounts including root! this is via X, SSH and terminal.
If i boot into single user mode and change a users password this makes no different.
I am tired of constant problems with fedora and simple tasks that should cause no problems, I have had fedora installed for a few days now and the sound was good, I recently plugged in my pc speakers via audio jack it worked fine, then I retrun to find no should being played anywhere while everything is up, I even do the commands alsamixer -D hw:0 and all sliders where up, wtf is wrong with this BS, I unplug my speakers, still no sound, kaput, it just stops playing, I never had so many complications running an OS
View 1 Replies View RelatedWhile on holiday skype on my laptop Fedora 11 just stopped working. It would no longer load. I tried removing it and reinstaling more than once now. the icon just sits there when clicked it does nothing. I have tried starting it from the applications folder same thing it does nothing. the program was working perfectly then it just stopped
View 2 Replies View RelatedI am still struggling to get skype running on that platform, but it hardly works. First I tried to install skype-2.1.0.47-fc10.i586.rpm but it did not work, always ending in "Aborted (core dumped)".Then I found an entry in some forum and tried to use skype-2.1.0.47-fc9.i586. rpm, and it worked! I could make calls, the microphone was recognized and everything worked as it should be.
Until today. For reasons beyond my scope skype stopped working, and after I have looged in with my skype-name I got the above Aborted-message again. Even after the reboot of my Dell Laptop skype refused to work.I even installed all the recommended yum packages I found in this skype forum topic.Can anyone please advise me how to properly install a stable version of skype with Fedora 12? I searched the Fedora forums but did not use any useful entry.
When using yum update, can a program have been wrongly updated (or marked updated without finishing the update)? I ask this question because I'm new to Linux and my connection stopped during a yum update and the console text was strange when I did CTRL + C. (Did it 2 times (starting the yum update and because of no more answers and pressed CTRL + C)).
View 4 Replies View RelatedI've seen a couple of threads about recent issues with skype, but nothing like this. Since today my mic is not working in skype (it does work otherwise, for exmaple in sound recorder). I'm using F11 x64. Yesterday I upgraded to the last skype version, and today the mic wasn't working. I downgraded now, thinking that was the problem, but still the same issue, so maybe some update did this (I'm not sure if alsa or pulseaudio got any update yesterday or today).
View 1 Replies View RelatedI've been running F12 and then upgraded to F13 this summer. All was working great until I came home from vacation and my F13 box hung. Upon reboot the X server will not start. I have a Nvidia 8400GS card and it's been working fantastic since I install the box last year. I have tried Nouveau and AKMOD Nvidia drivers to no avail. What info do you guys need to help me out???
Here is a snip from messages.log:
Aug 22 21:15:21 bigbertha kernel: [drm] nouveau 0000:01:00.0: nouveau_channel_free: freeing fifo 2
Aug 22 21:15:21 bigbertha gdm-binary[8620]: WARNING: GdmDisplay: display lasted 0.862857 seconds
Aug 22 21:15:21 bigbertha kernel: [drm] nouveau 0000:01:00.0: Allocating FIFO number 2
Aug 22 21:15:21 bigbertha kernel: [drm] nouveau 0000:01:00.0: nouveau_channel_alloc: initialised FIFO 2
Aug 22 21:15:21 bigbertha kernel: [drm] nouveau 0000:01:00.0: Allocating FIFO number 3
Aug 22 21:15:21 bigbertha kernel: [drm] nouveau 0000:01:00.0: nouveau_channel_alloc: initialised FIFO 3
Aug 22 21:15:21 bigbertha gdm-simple-slave[8666]: WARNING: Unable to parse output:
[Code]...
it was always so intuitive to set up, but it suddenly stopped working between 2 hosts, and now refuses to setup.I looked for documentation for system-config-nfs on how to set up between 2 hosts to verify my methods, but there is absolutely no documentation online on how to set up the share with the utility after several hours of googling.Does anyone who where to find the documentation or have any idea why it took a dump and wont configure?
View 1 Replies View Related