Security :: Shorewall Rejecting Allowed Traffic For Transmission-daemon
May 22, 2011
I have the Shorewall firewall running on Ubuntu 10.10 server and the issue I am having is the firewall is blocking traffic from my transmission-daemon even though I have allowed it in the /etc/shorewall/rules.
the rules file has the following lines
Code:
ACCEPT    $FW    net    tcp    60000:60035
ACCEPT    net    $FW    tcp    60000:60035
ACCEPT    $FW    net    udp    51413
ACCEPT    net    $FW    udp    51413
[Code]...
As you can see, Shorewall is rejecting packets with source and destination port 51413 on incoming net2fw and outgoing fw2net even though the rules are set to accept.
Apr 3, 2011
I have installed the graphical user interface for iptables and enabled this firewall. However, I find it a bit strange. What is the difference between rejecting and denying the traffic? If I want to configure iptables as two-way, how can I define which of my apps can connect to the internet and which can't? If this firewall is enabled, does it really run in the background, protecting the user, or does it run only when its GUI is opened?
May 28, 2010
While reading some papers on securing Apache with SELinux, I tried to bind httpd to port 3000, expecting it to be blocked by SELinux, since TCP port 3000 isn't on the http_port_t list. However, I was able to start the service...
I'm pretty sure SELinux is enforcing. Also, if I bind httpd to TCP 81, SELinux denies the start of the service, as expected! Did I miss something? Why is httpd allowed to start bound to a port that's not explicitly allowed?
May 5, 2011
I installed transmission on my Fedora 14 VPS for headless usage with "yum install transmission transmission-daemon". The problem comes when I try to configure the init.d script for transmission-daemon to run as a different user instead of the pre-specified user "transmission". How should I modify the default transmission-daemon file below?
Code:
#!/bin/bash
#
[code]....
Jul 22, 2010
I have installed transmission on a headless server. I am using transmission-daemon and connect to the web client on the LAN. However, from the WAN I can't connect. I have forwarded port 9091 in my router and it connects with the server, but I get 403: Forbidden.
Here is my settings.json file:
Code:
{
"alt-speed-down": 500,
"alt-speed-enabled": true,
"alt-speed-time-begin": 480,
"alt-speed-time-day": 127,
"alt-speed-time-enabled": true,
"alt-speed-time-end": 0,
"alt-speed-up": 10,
"bind-address-ipv4": "0.0.0.0",
"bind-address-ipv6": "::",
"blocklist-enabled": false,
"dht-enabled": true,
"download-dir": "/data/download",
"download-limit": 1000,
"download-limit-enabled": 0,
"encryption": 2,
"incomplete-dir": "/var/lib/transmission-daemon/info/Incomplete",
"incomplete-dir-enabled": false,
"lazy-bitfield-enabled": true,
"max-peers-global": 200,
"message-level": 2,
"open-file-limit": 32,
"peer-limit-global": 240,
"peer-limit-per-torrent": 60,
"peer-port": 20683,
"peer-port-random-high": 20500,
"peer-port-random-low": 20599,
"peer-port-random-on-start": true,
"peer-socket-tos": 0,
"pex-enabled": true,
"port-forwarding-enabled": false,
"preallocation": 1,
"proxy": "",
"proxy-auth-enabled": false,
"proxy-auth-password": "",
"proxy-auth-username": "",
"proxy-enabled": false,
"proxy-port": 80,
"proxy-type": 0,
"ratio-limit": 0.2500,
"ratio-limit-enabled": true,
"rename-partial-files": true,
"rpc-authentication-required": true,
"rpc-bind-address": "0.0.0.0",
"rpc-enabled": true,
"rpc-password": "password",
"rpc-port": 9091,
"rpc-username": "transmission",
"rpc-whitelist": "127.0.0.1,*.*.*.*",
"rpc-whitelist-enabled": true,
"speed-limit-down": 1500,
"speed-limit-down-enabled": true,
"speed-limit-up": 50,
"speed-limit-up-enabled": true,
"umask": 2,
"upload-slots-per-torrent": 4,
"watch-dir": "/data/download",
"watch-dir-enabled": true
}
Apr 1, 2011
I've tried the following in rc.local but it gets me nowhere:
Code:
TRANSMISSION_TIMING() {
for((a=0;a<=5;a++)); do
sleep 1 &
wait
[[ $(top -n1 | grep transmission) == *transmission* ]] &&
[[ $(date +%H) -ge 5 ]] && [[ $(date +%H) -lt 23 ]] && /etc/init.d/transmission-daemon stop
done
}
TRANSMISSION_TIMING &
Code:
TRANSMISSION_TIMING() {
[[ $(top -n1 | grep transmission) == *transmission* ]] &&
[[ $(date +%H) -ge 5 ]] && [[ $(date +%H) -lt 23 ]] && /etc/init.d/transmission-daemon stop
}
TRANSMISSION_TIMING &
Nothing I do can keep this thing from launching, and apparently nothing can kill it either.
Jan 24, 2010
I am trying to proxy all traffic from Transmission. The proxy settings in the preferences seem to only affect tracker connections.
May 11, 2010
How do I set up the transmission-daemon web interface on port 9091?
I did: sudo apt-get install transmission-daemon
On the same PC (as transmission-daemon) I tried http://127.0.0.1:9091/ but it is not working. Why is it not working out of the box?
Jun 22, 2011
I've installed transmission-daemon on my headless Ubuntu 11.04 server and use the web interface to manage it. This is all working fine. However, after a reboot it seems that transmission-daemon starts but the web interface is unavailable. I get this in the syslog after a reboot:
Code:
Jun 22 10:54:27 localhost transmission-daemon[703]: Transmission 2.31 (12441) started (session.c:706)
Jun 22 10:54:27 localhost transmission-daemon[703]: RPC Server Adding address to whitelist: 192.168.*.* (rpc-server.c:805)
Jun 22 10:54:27 localhost transmission-daemon[703]: RPC Server Serving RPC and Web requests on port 127.0.0.1:9091/transmission/ (rpc-server.c:982)
Jun 22 10:54:27 localhost transmission-daemon[703]: RPC Server Whitelist enabled (rpc-server.c:986)
Jun 22 10:54:27 localhost transmission-daemon[703]: RPC Server Password required (rpc-server.c:989)
Jun 22 10:54:27 localhost transmission-daemon[703]: Port Forwarding Stopped (port-forwarding.c:181)
Jun 22 10:54:27 localhost transmission-daemon[703]: UDP Failed to set receive buffer: requested 4194304, got 262142 (tr-udp.c:75) .....
Feb 26, 2010
The config file is ambiguous, and keeps getting overwritten when you restart the daemon in Debian, anyway.
In /etc/transmission-daemon/settings.json, there are these options:
rpc-username
rpc-password
proxy-auth-username
proxy-auth-password
Every time I restart the daemon with:
/etc/init.d/transmission-daemon restart
It overwrites rpc-password, and the password it prints doesn't work anyway.
Does anyone know how to set the password properly? I don't want to disable it.
Mar 11, 2010
I would like to be able to simply run a shortcut file or batch file in a Windows OS to start or stop my transmission-daemon. I was thinking about using PuTTY to auto-login and execute a file using the -m switch. A problem I am running into is that /etc/init.d/transmission-daemon stop requires the use of sudo. That would require entering a password, which would be automated and insecure, or would require manually typing in the password.
Aug 4, 2010
I have an error when I try to update or remove transmission-daemon package.
Here are some logs:
root@ubuntu:~# apt-get --reinstall install transmission-daemon
Reading package lists... Done
Building dependency tree
Reading state information... Done
[Code]...
Nov 8, 2010
I would like to be able to monitor which programs are allowed to access the internet, but a search for programs to do this has turned up nothing. Preferably, I would like a notification to come up every time an application uses the internet. Is there any (n00b-friendly) software available to do that?
Jan 3, 2011
I got the Shorewall firewall all set up perfectly, but I'm stuck at one last bit. The aim is to let a maximum of 2 clients onto my server. I have the policy set up in Webmin as shown in the screenshot.
More than 2 clients can get onto the server. The aim is to have it as DDoS protection, allowing 100 clients on and a maximum burst of 10 clients at a time.
Jan 29, 2011
I have my system set up so that the router (dd-wrt) will send its syslog messages to my Linux PC. I am using Shorewall as my firewall. I have two questions: How can I configure Shorewall to allow the messages from my router? If I use my router's IP address to allow the messages to come through the firewall, will this be a great security risk, as anything from the internet can come through on that router IP address?
Jan 22, 2011
I had just got Arch up and running a couple of weeks back, and I was following a random user's guide (previous Ubuntu user and newb to Linux in general). I think it may have been a mistake. When I was configuring my iptables/ufw, I'd added a rule to iptables allowing ssh to be used from anywhere (I think so anyhow); it came up as something along the lines of 'ALLOW: IN : ANYWHERE: ssh 22' in red font in gufw.
This had been open for a few days, and I didn't realize the security risk until I learned what ssh is. So is it likely that my system is compromised and needs a full hard drive wipe? hosts.deny remained in its default state, so wouldn't that override the iptables configuration, or not? Could my router have kept any potential threats out, like it has before, despite the rule?
Jun 5, 2010
I'm using a local proxy server VPN'd to another network.
How do I set up either Firestarter or Gufw/ufw to ONLY allow in/out from ONE port? (The one port the proxy uses.)
Ex: Firefox is proxied to 127.0.0.1, all ports, and then the proxy picks it up, sends out on port xxxx, receives on port xxxx, then sends back through 127.0.0.1 to Firefox.
Any setting/rules I've tried on either Firestarter or Gufw kills the proxy>VPN (the proxy won't connect to the remote network).
Addendum: If I start the proxy FIRST, then the firewall, all is good. I'm thinking the proxy uses a port to connect with the remote network first, then switches to my configured xxxx port... hmmm.
May 10, 2010
Is it possible at all to secure transmission?
Aug 10, 2010
Squid ACL rules can be configured to allow specific IPs to get full access, or rather to skip the blocked site list:
acl <tag> src x.x.x.x
http_access allow <tag>
http_access deny blocksites
With all the ways I tried, squid does not log these URLs. Is there a way to have squid log the URLs requested from allowed IPs?
Specs:
squid ver : (squid/2.6.STABLE21)
OS : CentOS 5.5
Jun 15, 2011
In my firehol.conf there is:
client "http https ftp pop3 pop3s smtp cups dhcp dns lpd mysql ntp rdp smtps samba ssh submission telnet p2p" accept
When I put:
client all accept
Transmission is working as it should. I still want to block unknown clients. How can I unblock it?
Feb 28, 2011
I use Ubuntu 10.10 with an encrypted home. I'm new to AppArmor. My firefox-3.6.13 is now in enforce mode with the standard profile. With this profile it should have write access only to:
owner @{HOME}/Downloads/* rw,
But I can save files (with the standard download manager of Firefox) e.g. in $HOME itself, and I can't find any other rule which could allow that. I think that the ecryptfs workaround just affects the eCryptfs "part of things" and that limitations on normal filenames/paths (in the mounted ecryptfs) are still possible. Why can Firefox write anywhere other than ${HOME}/Downloads? I also get this in kern.log (but not by saving a file as written above):
Feb 27 05:49:30 duron650 kernel: [ 2284.886631] type=1400 audit(1298782170.190:4: apparmor="DENIED" operation="open" parent=1782 profile="/usr/lib/firefox-3.6.13/firefox-*bin" name="/home/.ecryptfs/hugo/.Private/ECRYPTFS_FNEK_ENCRYPTED.FWY1tHLaOszg1UQTPB2f1Zq7Xu 0xztwk9hVX6-OCUaSGk2nU5ADkJx.rdk--/ECRYPTFS_FNEK_ENCRYPTED.FWY1tHLaOszg1UQTPB2f1Zq7Xu 0xztwk9hVXFlmP1qlJBZ2eq7XFiWljUE--" pid=2209 comm="firefox-bin" requested_mask="w" denied_mask="w" fsuid=1000 ouid=0
Why does Firefox try to write to it, and why does it fail even with the #13 workaround?
Feb 27 06:03:23 duron650 kernel: [ 3118.231818] type=1400 audit(1298783003.534:49): apparmor="DENIED" operation="open" parent=1782 profile="/usr/lib/firefox-3.6.13/firefox-*bin" name="/tmp/.X0-lock" pid=2304 comm="firefox-bin" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
Why does Firefox try to access the X lock?
Sep 27, 2009
Recently I noticed that when I'm connected to a VPN server (pptpd) and I'm using it as the default gateway, my download and upload speed decreases to almost half the usual speed. I made a test using iptables in order to count how many GRE packets are generated (apart from the real traffic itself) in this way:
Code:
iptables -I INPUT -p gre -j ACCEPT
iptables -I OUTPUT -p gre -j ACCEPT
iptables -I FORWARD -s 172.16.10.101 -j ACCEPT
iptables -I FORWARD -d 172.16.10.101 -j ACCEPT
The first 2 rules match all GRE packets between the pptpd server and client, and the next rules match the traffic between the server and the client.
When I reset the counters to zero and begin to generate traffic (browsing, downloading etc.), I see that the GRE packets are even more than those in the FORWARD chain.
So, my question is, first of all, is my test correct, and is it true that so much GRE traffic is being generated during browsing (it becomes clear that the traffic is double what it would be if pptpd weren't used as a gateway), and if yes, can that traffic be reduced?
Jul 29, 2011
I am using FF ver 5.0.1 from here. After reading [URL] I did:
Code: sudo aa-logprof /path to firefox
I allowed all when asked. But when I try to start FF in enforce mode I get
[Code]....
Dec 5, 2010
I can only access the Transmission web interface while the transmission-gtk client is running. When I close it, the web interface is no longer available. I try to manually start transmission-daemon, but the process never shows up as running.
Jun 13, 2010
What rules do I need to use to only allow traffic between 2 interfaces (which are part of a Linux bridge) using ebtables?
So let's say I have if0, if1, if2. I want if1 to communicate with if0. I also want if2 to be able to communicate with if0. But I don't want if1 and if2 to communicate with each other.
Jun 24, 2010
We use a squid proxy server for all HTTP traffic. Is there any way to configure squid so that all traffic between squid and the workstations is SSL and encrypted?
Apr 26, 2010
Where I work we have a LAN; it is almost 100% Windows machines except for 2 CentOS machines to which some clients connect via VPN. (Very small network, <50 IPs used.)
I would like to know if there is a way to block access from those machines to others in the network. I'm already logging traffic (with IPTraf) to see if they're accessing machines in the network other than the ones they should connect to.
Mar 11, 2011
Has my Ubuntu machine been cracked?
Machine on home LAN
192.168.0.102
it is the DMZ from router
ufw on (ports open for aMule)
sshd installed
[Code].....
Jul 12, 2010
I have Ubuntu 10.04 configured to login with Kerberos (as in [url]). Everything works fine, except gnome-keyring-daemon:
- If I log in with a local user, gnome-keyring-daemon works right. Besides, the keyring is automatically unlocked with the login password.
- If I log in with a Kerberos user:
- The session startup is considerably slower.
- /var/log/auth.log says something like:
Code:
- If I execute a program that needs the gnome-keyring (like Evolution), it is desperately slow, and it says:
Code:
Message: secret service operation failed: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
- If I kill all gnome-keyring-daemon processes (killall gnome-keyring-daemon), start a new one (gnome-keyring-daemon), and restart the application that uses the gnome-keyring, it works fine, but it asks me for the password to unlock the keyring (I think that this is the normal behaviour if gnome-keyring-daemon did not start before).
I have looked at the configurations in /etc/pam.d and everything looks fine (with pam_gnome_keyring.so). Indeed, I think that if something were wrong here, the local user would not have the keyring unlocked automatically.
Apr 5, 2011
I'm trying to modify an existing user so that any files they create can be at least read (although writing and execution would be nice) by any other user. The reason is that I need the daemon running my Apache server to be able to access files created by a daemon running under this user, files which will be created and accessed in real time.