Server :: After Running Iptables -F Goes Offline?
Jan 3, 2011After running iptables -F my server goes offline???
Isn't that suppose to flush the iptables, so it will allow all traffic?
ADVERTISEMENT
General :: Settings - In My Server The Iptables And Ip6tables Services Are Not Running ?
Jan 25, 2011In my server the iptables and ip6tables services are not running. But still i am getting some iptables and ip6tables related alerts on my /var/log/messages. My technical leader told me that there might be some mis-configuration in iptables configuration file. But i didnt see anything wrong.
Quote:
Quote:
What does it mean "Jan 25 11:01:32 beteduibsrv3 avahi-daemon[3308]: Leaving mDNS multicast group on interface eth0.IPv6 with address fe80::226:b9ff:fefc:6ec4."
CentOS 5 Server :: Fail2Ban Is Up And Running - IPtables Rules Not Created
Nov 18, 2009I have been trying for days now to get this to work. didn't want to bother people with my questions, i have installed Fail2Ban 0.8.4 on CentOS 5.4.
I get the email notifications from Fail2Ban stating that it just blocked another IP, however, when i look at the iptables through webmin, nothing is actually in there, also the log/secure file dose not show that the ip has been blocked.
Even when I try to log-in with the wrong password, after a few tries i get the email telling me that my ip is blocked, however, I can still SSH using my 'blocked' IP.
Server :: IPtables - SSH Running On Port 2298 (Host Connection Refused)
Aug 1, 2011I have 2 servers..
let say server A and server B
On server A open ssh is configured and is running on port 2298. So from my machine I can login there using ssh on port 2298
But when I login to server B and from there I try to connect to server A I cannot.
ssh: connect to host <ipaddress here> port 2298: Connection refused
CentOS 5 Networking :: Iptables Not Opening Port To Connect Via Vnc To A Server Running 5.5?
Apr 27, 2011I'm trying to open up some ports to connect via vnc to a server running Centos 5.5. I've edited /etc/sysconfig/iptables everything *looks* fine, but I still can't seem to get access to the port I've opened (I added some newlines for clarity between commands):
[Code]....
Server :: If Server Failed Or Offline - Any Way To Check Status?
Mar 9, 2011I would like to implement something when a server is offline for whatever reason. For example. I got my own DNS servers and webservers. I would like it if the users goes to www.somedomain.com and the server it is actually on is down for maint. or For whatever not able to respond. What can be done so that if the server isn't able to be contacted that it can point to either a another server or the dns somehow can display a page stating who to contact to report a problem or to let them know its down for maint. And can goto a site to check the status or whatever.
View 7 Replies View RelatedUbuntu Security :: Both Ufw And Iptables Running Together?
May 23, 2011Can I have both ufw and iptables running together? My server is currently using ufw, if I add an iptables rule will it have any effect?
View 6 Replies View RelatedNetworking :: Running Iptables Break The TCP/IP Stack?
Feb 14, 2011I mistakenly ran 'iptables restart' on a server that was not set to run iptables. Immediately, the server quit making outgoing connections on port 80. It has problems completing a traceroute when another machine on the same VM Host can do everything just fine. One of our best networking technicians diagnosed it as issues with the TCP/IP stack on the OS.
I know that iptables is off, allowing all trafffic incoming/outgoing.
Networking :: NFS Client - Mount Only Works With Proto=tcp While Iptables Is Running
May 17, 2011Client is running Oracle VM Server 2.2.1 (kernel 2.6.18-128.2.1.4.37.el5xen). Storage is a NetApp 3210 (NFS configured to use TCP).
Iptables on client has udp and tcp ports 111, 2049 and the NFS server ports opened. Info retrieved using: rpcinfo -p NetApp
When trying a manual mount ...
But when using the proto=tcp option, it works ...
Stopping iptables also works (I can manually mount the share without using proto=tcp).
Is the mounting process somehow trying to negotiate first using udp which the Netapp doesn't respond and hence it fails by timing out?
Can I configure iptables such that I don't have to use the proto=tcp option? Or is there another configuration file I can tweak so that I don't have to use the proto=tcp option?
General :: Bash - Script That Indicates Time The Server Was Offline?
May 18, 2010Below is data taken from my dedicated server:
[Code]...
I need a script that I can run on an hourly basis that will:
1. Calculate the total downtime since the first date
2. The overall downtime percentage
3. Store this data in a file at /home/bla/file.txt, in the following format: TotalDowntime=03:02:02 Average=0.01%
General :: Install MySQL Server On Debian While Offline?
Aug 29, 2011I'm a Linux newbie. I want to install mysql-5.5.15-linux2.6-x86_64.tar.gz on a Debian box offline without using the apt command. How can I do this?
View 1 Replies View RelatedServer :: How Clients Handle Offline Syslog Servers
Apr 19, 2011How do clients handle offline syslog servers?Will the log files be buffered locally to be sent to the syslog server when it comes back online, or will any log data generated during downtime be lost in cyber space?
View 1 Replies View RelatedUbuntu :: Downloading LAMP Server And Install Offline?
Sep 16, 2010Is it possible to download MySQL, Apache and PHP first? And install them on Ubuntu system offline. Is anybody know how can I get them and install them?
I have to install LAMP server on many system for the purpose of training. So I don't want to download them repeatably. Once download them, install on all system.
Server :: Make A Local Package For Offline Development Network
May 3, 2010I'm trying to make a local package server for my offline development network. Can anyone recommend a mirror containing every single package for CentOS 5.4 x86 as well as 64 bit? I've looked around but I haven't had too much luck yet.
View 1 Replies View RelatedServer :: Require Iptables Rules For Web Server?
Jul 12, 2011i have hosted a web server on cent os 5.6.i need to write the rules for that server.1. 1st how can i flush the iptables ?
i used this command
iptables -F
iptables -X
[code]...
Server :: Create A Webhost On An Running Fedora Server Which Runs Multiple Webpages + A Coldfusion Server?
Sep 29, 2010have to create a webhost on an running fedora server which runs multiple webpages + a coldfusion serveri have to add an coldfusion virtual host to these.what i would do:*crate a new user & group*enter vhosts.conf and copy an existing host and modify it for the new one.*create an new folder and copy the main files (phpstarter and webroot) *chown the files for the right useri think an apache graceful would be needet
View 1 Replies View RelatedServer :: Iptables Log To MySQL?
Apr 6, 2010Does anyone know how to make iptables log to a MySQL database?If you do, can you tell me where I can find a good tutorial?I hope that I didn't ask a question that I could have found easily using Google. I didn't find much or at least not very recent.I am using CentOS 5.4, iptabels 1.3.5 and MySQL 5.0.77.
View 2 Replies View RelatedFedora Servers :: Unable To Restore My Iptables From Iptables-save After Upgrading
Nov 26, 2010I am unable to restore my iptables from iptables-save after upgrading Fedora. I cannot get iptables-restore to work, and I have resorted to entering rules manually using the GUI.
View 2 Replies View RelatedGeneral :: When Restart The Iptables Service Then The Firewall Entries Are Again Shown In Iptables?
Sep 17, 2010I am facing a strange problem witht my iptables as there are some firewall entries stored somewhere which is displaying the below firewall entries even after flushing the iptables & when I restart the iptables service then the firewall entries are again shown in my iptables as shown below,
[root@myhome ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
[code]....
Ubuntu :: Try `iptables -h' Or 'iptables --help' For More Information - ' Not Found.4.4: Host/network `98.200.58.73
Nov 3, 2010I recently installed a new Ubuntu PC that runs iptables and PSAD. I had the same script on another Ubuntu PC, but when I copied the script onto the new PC, I got this error. I don't remember where I found the tutorial for this, all I know is that this is the script (Edited for my usage):
Code:
#!/bin/bash
# Script to check important ports on remote webserver
# Copyright (c) 2009 blogama.org
# This script is licensed under GNU GPL version 2.0 or above
[code]....
Safe.txt contains:
Code:
127.0.0.1
192.168.1.8
192.168.1.1
98.200.58.73
192.168.0.1
And the error message generated is:
Code:
root@NETWORK-SERVER:/var/ddosprotect# ./ipblock.sh
' not found.4.4: host/network `127.0.0.1
Try `iptables -h' or 'iptables --help' for more information.
' not found.4.4: host/network `192.168.1.8
[code]....
Fedora :: IPtables Creates An Error During Startup - Applying Firewall Rules: Iptables-restore: Line 21 Failed
Jul 17, 2010IPtables creates an error during startup as well as when I try to restart it: Here's the output of:
[Code]....
Networking :: Iptables - Forward All FTP To Other Server?
Dec 24, 2008So here is my issue in a nutshell. I need to take FTP requests that hit Server_A and forward them to Server_B. Server_B is not natted...Server_B is another public server in a completely different location in the world. One thing to note is that I only have one NIC hence why you will see both in and out being eth0. This is what I have in my iptables on SERVER_A:iptables -A FORWARD -p tcp -i eth0 --sport 21 -o eth0 -d SERVER_B --dport 21 -m state --state NEW -j ACCEPTiptables -A FORWARD -p tcp -i eth0 --sport 20 -o eth0 -d SERVER_B --dport 20 -m state --state NEW -j ACCEPTI've also tried both of the above without the --sport option. When I FTP to SERVER_A (where the above iptables rule are) it connects to SERVER_A instead of forwarding them to SERVER_B.
View 1 Replies View RelatedSecurity :: Iptables 192.168.1.x Server Can't Ping By 192.168.0.x
Jun 1, 2011i have set firewall for centos of 192.168.1.21 server like this.
it has a gateway of 192.168.1.2
iptables -P INPUT DROP
iptables -A INPUT --in-interface lo -j ACCEPT
iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp --destination-port 22 -m mac --mac-source 00:0F:EB:91:00:01 -j ACCEPT
iptables -A INPUT -p tcp --destination-port 80 -m mac --mac-source 00:0F:EB:91:00:01 -j ACCEPT
the mac source is my laptop's mac address. But when i try to ping from my laptop of 192.168.0.2 (my gateway is 192.168.0.1 but share the same server that has 3 network gateway including gateway for the centos)it failed. what i should do to enable this ping.i also cannot connect to the centos server unless i change my ip to 192.168.1.x and same gateway as centos.can someone suggest what should i modify my firewall to enable connection to centos server from my 192.168.0.2 laptop? is that related to nat and forward chain in firewall of centos?
Server :: Allow Mount In Iptables For Specific Ip?
Aug 1, 2010how to allow mount in iptables for specific ip?
View 9 Replies View RelatedServer :: IPTables Setup For Symmetric NAT
Apr 14, 2011I am having difficulties setting up Symmetric NAT through iptables.
First things first:
"A symmetric NAT is one where all requests from the same internal IP address and port, to a specific destination IP address and port, are mapped to the same external IP address and port. If the same host sends a packet with the same source address and port, but to a different destination, a different mapping is used. Furthermore, only the external host that receives a packet can send a UDP packet back to the internal host."
Need:
I am working on a SIP application and SIP apps face a problem with NATed networks. STUN is a solution to such a problem and my SIP application has an embedded STUN client functionality.
Scenario and Technical Details:
192.168.0.200
+-----------------+
| ClientA - My IP |
+-----------------+
|
|GW:
| eth0 eth1 (example public IP address)
| 192.168.0.1 | 123.123.123.123
+-------------|-------------+
| NAT1 |
+-------------|-------------+
|
|
|
stun.1und1.de |
+---------------------------+
| STUN Server |
+---------------------------+
I am using WinSTUN, which requires a STUN Server address (such as the one I specified above) to return my type of NAT. What I need to achieve is Symmetric NAT through iptables, on the GW server, only on my IP address (192.168.0.200). I don't want it to affect the whole network. I am running CentOS release 5.4 (Final), and iptables v1.4.10
Server :: Iptables & Flasfget In Windows?
Mar 2, 2011this is my iptables rule in table nat :
Code:
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
[code]....
Server :: IPtables And TC - Limit To 1.5Mbps
Dec 27, 2010Does anyone know a simple out of the box option to limit traffic by IP with iptables? Output to each connected IP should be limited to to 1.5Mbps but I don;t want to limit incoming connections from the web. Ideally something with a tutorial because the LARC papers and stuff are impossible to read. For example, the user connects by VPN and requests the webpage [URL]. This should be sent to them at 1.5Mbs but if user 2 connects to [URL], this should also be sent at 1.5Mbps but the incoming ..... connection needs to be allowed to be unlimited to prevent incoming throttling..
View 3 Replies View RelatedServer :: Iptables Configuration For UDP Flood?
Feb 21, 2011Banning the IP is the best way to protect your server but of course, attacker can use another IP and use a lot of your bandwidth until you find and ban the IP. So the only thing we can do to prevent this is, block the packets my iptables length module.
I check the bandwidth usage through "iftop". Incoming traffic is always like 120kb/second and that has to be that way because the traffic enters my server no doubt that it gets dropped by iptables later.
The actual thing what the Ddos ( UDP Flood ) does it that it causes an outbound traffic that eats up like 5mb/second easily and my servers lag. Only if the IP is banned, the outbound traffic comes to an end.
Now I want to use the length module to block it but it just won't work. I've tried the following and shuffled them too but no help.
Code:
iptables -I INPUT -p udp -m length --length 15 -j DROP
iptables -A INPUT -p udp -m length --length 15 -j DROP
Packet length is 15 according to tcpdump:
Code:
19:49:34.504864 IP fms-02.colt.net.belgamanagement.be.56413 > nyc.v1servers.com.20100: UDP, length 15
Server :: Iptables Logging To 3 Log Files?
Jul 21, 2010Whether I use ufw or firestarter to populate my iptables, my firewall logs get written to 3 different log files:/var/log/messages/var/log/kern.log/var/log/syslogI want to keep the logging turned on, but I'd rather it not log to syslog, as it's obscuring other events in syslog that I'd like to see. I'm using rsyslog on Ubuntu. I looked around online and found one person suggesting I add this to the top of rsyslog.conf:kern.* -/var/log/kern.logkern.* ~I did that and restarted rsyslog, but it's still logging to the same 3 files.
View 4 Replies View RelatedServer :: Iptables- Mysql Not Responding?
Apr 12, 2011MySQL cluster server refuses to respond.iptables -L shows:
Code:
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere
[code]....