Ubuntu Networking :: Iodine Not Working Unless Iptables Firewall Turned Off

Sep 28, 2010

I have managed to get iodine working between my ubuntu intrepid box and my windows client with a caveat.

The firewall rules allows DNS queries inbound. The client tunnel endpoint gets assigned an IP address and the tunnel is established properly.

However when I try to ping from the client machine, the reply packets are not coming back.

I used TCPDUMP on the Ubuntu box and watch the dns0 tunnel interface, and noticed that the packets are reaching the Ubuntu box from the client, but I don't see ANY ICMP echo replies until I turn off the firewall from Firestarter.

I see that outbound access rule is to allow all.

View 1 Replies


ADVERTISEMENT

Networking :: Comparing IPTables And Firewall Program?

Sep 10, 2010

I have to make my final exam on network & security, my task is to compare Iptables and a firewall program, yeah not a distribution. I use Archlinux so I'd like to continue use it for my project! Anyway my question is: which Network firewall could be the best one? I need this features:

- packet filtering
- HA (High Availability)
- Live (active) connection migration (if one fails...)
- Load balancing (not really important but...)

I know "many" firewalls but they all are distro. I need something to install on a linux machine (as said... better if I can run it directly on Archlinux!)

View 2 Replies View Related

Networking :: Configure My Firewall (through Iptables) To Allow Apt-get Features

Apr 26, 2010

I am encountering problems to configure my firewall (through iptables) to allow apt-get features, like update and install.I have the latest debian server running in a virtual machine in my windows xp and therefore I have two interfaces in this debian server:- NAT Interfaceinet: 10.0.2.15- Host Only Interfaceinet: 192.168.56.101So far my iptable rules drop all packets for default, in exception icmp and ssh that I allow to ping and connect from my windows xp. Both of them I use only the Host interface (192...) to connect to another 192... interface on my windows.

Those are working fine, but apt is not. I know, in this very moment it shouldn't. But I made a lot of attempts trying to configure the iptables allow connections through the 80 and 21 ports from/to NAT and Host. I think I made all possible combination (or not, because it didnt work). But I'm wondering if someone more experient can help me solve this problem.

View 11 Replies View Related

Networking :: Firewall Installed Using IPtables - NAT Rules?

Apr 7, 2010

I just install 1 firewall using Iptables.
Firewall includes 2 NIC:
NIC1 <IP PUBLIC>
NIC2 192.168.10.1
I installed 1 web server IP: 192.168.10.2
I have some PC IP range: 192.168.10.10->20

I set rules NAT on firewall and PC & web server can connect internet good, but I have problems:
When PC access to web server with IP 192.168.10.2 that ok, but PC can't access to web server when using IP Public. But outside internet, I can access to web server using IP Public.

Rules on IPTables
Code:
# Generated by iptables-save v1.3.5 on Sun Mar 7 21:01:16 2010
*nat
:PREROUTING ACCEPT [950:126970]
:POSTROUTING ACCEPT [89:5880]
:OUTPUT ACCEPT [19:1342]
-A PREROUTING -d 209.99.242.124 -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.10.2:80
-A POSTROUTING -s 192.168.10.0/24 -o eth0 -j SNAT --to-source 209.99.242.124
*filter
:INPUT DROP [1599:157409]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [232:34452]
-A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -i eth0 -o eth1 -d 192.168.10.2 -p tcp --dport 80 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth1 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o eth1 -j ACCEPT
COMMIT

View 2 Replies View Related

CentOS 5 Networking :: Firewall Insanity Iptables And Apf Don't Seem To Like Each Other?

Aug 13, 2009

I'm at my wits end at this point.

CentOS 5
iptables 1.4.1.1
APF 9.7
Webmin 1.4.80 (yes i can be a gui noob at times)

I'm currently running a dedicated server that hosts a couple of sites and runs a game server or two. I was using iptables on its own for a while, but recently I'm a target of all sorts of attacks (typically aimed directly at the gameserver on port 7777. UDP flood attacks, etc). I'm also seeing an spike in foreign spam, SSH brutes, and a few people in Turkey thought it would be cute to download files over and over and over I have decided to start banning entire countries, using the subnets listed here [URL]... I'm trying to block Central and South america (189,190,200,201.x.x.x), China, Ukraine, Turkey, Iran, Spain and Italy. I do this because a majority of the traffic from those areas are usually up to no good.

I installed APF so I could easily add these ranges in deny_hosts.rules and be done with it. I added the ranges, which turned out to be too many, and the system tanked. I decreased the amount of ranges to just 4:

189.0.0.0/8
190.0.0.0/8
200.0.0.0/8
201.0.0.0/8

Restarted APF and it loaded fine. Do an apf --list and iptables --list and it shows those 4 ranges as blocked. The only issue...I have people from 190.x and 200.x connecting to the gameserver and PLAYING. Its as if the firewall isnt there. Also, adding those ranges to /etc/hosts.deny (or whatever) doesn't block them either.

I add one of my own ips and I get blocked instantly. WTF?? I look in the iptables for webmin, and it shows an empty firewall. I do iptables --list and it shows the ranges I added in APF. I'm looking at building (or whatever its called) an fresh iptables with the geoip module added in. [URL]...

I've never done anything like this, and I don't want to kill the box. I also don't want to spend the effort if 1) something is wrong with my system to begin with and 2) the geoip module doesn't work. geoip module aside....how exactly should i configure the firewall? Empty iptables completely and then rely on APF for everything? Oh and heres another tidbit: I tried this before 2 years ago and it used to be that anything I put in APF would show when i looked at iptables using the webmin module. Thats no longer the case now. That was also on CentOS 4 when it did that. I don't know if moving to 5 is whats preventing it now.

In a nutshell, I'm new at this and I'm being inundated with terrible people trying to do terrible things and I'm ready to just give up. Can someone just give me a quick rundown on:

1) how to test that my firewall is actually firewalling

2) how I should configure the/a firewall on this CentOS5. Not too specific, I just want to know if I should empty iptables then load apf, should i not bother with APF (i like it when it works), is there a specific order of doing things?

View 8 Replies View Related

Networking :: Setup Iptables Firewall And DMZ With Multiple Public IP's?

Nov 27, 2008

We have a new Bussiness DSL line with 16 public addresses.What we want is to setup a DMZ to run some services and internet to the LAN. Here's a schematic of what we want:

Code:

Backup Internet Main Internet
connection connection
| |
| |
SDSL Modem BDSL Modem

[code]....

The webserver has the following settings:

IP: 12.34.56.125
subnet: 255.255.255.240
gateway: 12.34.56.126

What IPTABLES rules do i need to setup to "see" all IP's in the DMZ-2 from the internet?

View 2 Replies View Related

General :: When Restart The Iptables Service Then The Firewall Entries Are Again Shown In Iptables?

Sep 17, 2010

I am facing a strange problem witht my iptables as there are some firewall entries stored somewhere which is displaying the below firewall entries even after flushing the iptables & when I restart the iptables service then the firewall entries are again shown in my iptables as shown below,

[root@myhome ~]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

[code]....

View 6 Replies View Related

Fedora :: IPtables Creates An Error During Startup - Applying Firewall Rules: Iptables-restore: Line 21 Failed

Jul 17, 2010

IPtables creates an error during startup as well as when I try to restart it: Here's the output of:

[Code]....

View 11 Replies View Related

Ubuntu Networking :: Wireless Switch Can't Be Turned On Again After Being Turned Off

Feb 2, 2010

The wireless connection works fine. The wireless switch automatically turns itself on every time I start the computer. However, after turning it off, I can't ever turn it on again unless I restart the computer. And because of this, the wireless connection is disabled until the next time I start the computer.I don't think this is a hardware problem because the switch can be turned on and off, although not in the way I expect.

I'm using ubuntu 9.10 on an Acer Aspire 4740G. The command [lspci | grep Network] shows Atheros Communications Inc. AR928X Wireless Network Adapter (PCI-Express) (rev 01). the [rfkill list] command shows (when the switch is on)

0: phy0: Wireless LAN
Soft blocked: no
Hard blocked: no

and, as expected, shows (when the switch is turned off)

0: phy0: Wireless LAN
Soft blocked: no
Hard blocked: yes

I just want to be able to turn the switch on or off at any time I want as long as the computer is still on.

View 2 Replies View Related

Networking :: Iptables + Squid + Dansguardian - Boxes Will Act As A INTERNET Firewall + Filtering?

Jan 14, 2011

is this possible on 2 Linux boxes will act as a INTERNET Firewall + Filtering: 1st PC = CENTOS 5.5 functions as a firewall using iptables with two NICS 1=ETH0 connected to internet with a public ip and 1=ETH1 with ip address of 10.0.0.1 connected to the 2nd PC Centos 5.5 with squid/dansguardian with ip address of 10.0.0.2

2nd PC = Centos 5.5 functions as a squid + dansguardian internet filtering with 2 NICS 1=ETH0 with ip address of 10.0.0.2 connected to the ETH1 of the 1st PC with ip address of 10.0.0.1 and 2nd ETH1=connected to LAN (172.16.1.0/24)

does this make sense? this might be confusing but I just want to try this, to protect incoming ssh from our previous Sys admins who intended to enter the LAN 172.16.1.0/24 network. And also to confuse them that they have to pass through 10.0.0.1 - 2.

View 3 Replies View Related

Security :: Use Iptables As Firewall Instead Of Juniper Firewall?

May 9, 2011

Can we use iptables as firewall instead of Juniper firewall

View 2 Replies View Related

Networking :: IPTABLES DNAT For Packets Originated Within The "firewall"?

Aug 26, 2010

I'd like to (if it's possible, of course) to redirect the packets originated within a linux box, and I've been tryin' to do it through the OUTPUT chain in nat table:

Code:

iptables -t nat -A OUTPUT -p tcp -d 192.168.0.74 --dport 80 -j DNAT --to-destination 192.168.0.17:80

The policy for the rest is ACCEPT.This redirection didn't work this way. If I do lynx http://192.168.0.74:80 I reach 192.168.0.74 host, so there is no redirection.Could I achieve what I'm needing through with IPTABLES' OUTPUT chain (in nat table)?

View 1 Replies View Related

Ubuntu Servers :: Setting Up NAT Firewall Using IPtables

Nov 30, 2010

I am having a little trouble setting up a NAT firewall using iptables. I have 1 PC dedicated to being the firewall running Ubuntu 10.04 LTS. There are 2 NICs in this PC. One NIC is connected to the modem & the other is hooked into my router, sharing the connection through to the other PC on my LAN. Thing is that I am having troubles setting this up using iptables. I have it sharing the connection, but can't seem to make it forward 2 ports through to my webserver on the LAN. I am also wanting to setup init.d to control iptables. I have been trying to google this, but haven't found anything useful to get this accomplished. I put the following into rc.local to make the forwarding work:

/sbin/iptables -F
/sbin/iptables -N block
/sbin/iptables -A block -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A block -m state --state NEW -i ! eth0 -j ACCEPT
/sbin/iptables -A block -j LOG
/sbin/iptables -A block -j DROP
/sbin/iptables -A INPUT -j block
/sbin/iptables --table nat -A POSTROUTING -o eth0 -j MASQUERADE

View 1 Replies View Related

Server :: Use Sendmail In A Firewall Iptables?

Oct 20, 2010

I'm trying to configure a messaging system based on php script with iptables, rsyslog and mysql. In the firewall server Sendmail is istalled so i'd like to use it to receive messages in the main mail server, located in DMZ. In the Lan i've configured another linux server than works perfectly, sending mail messages to the server located in DMZ. After looking for some solution I've tried to configure sendmail to relay mail to the server but the only thing I reached is the following message: "Deferred: Connection refused by mail.server.com" message rest on queue and flushing it reply

[Code]...

View 2 Replies View Related

Slackware :: Rc.firewall Vs Iptables / Difference Between Them?

Jan 18, 2011

Does the rc.firewall script just use iptables or is that something completely different?

View 3 Replies View Related

Ubuntu Security :: Iptables Firewall Logs Router?

Apr 5, 2011

In an effort to learn more about firewalls and iptables I have left behind gui set-up tools and have setup a firewall using iptables that logs to its own file. The firewall is as follows:

Code:
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:TCP - [0:0]

[Code]...

View 8 Replies View Related

Networking :: Telnet Is Not Working With Iptables?

Sep 29, 2009

i want to open specific port using iptables i.e 3159 Whenever i tried to telnet it generates the following error

Code:

# telnet 172.16.4.100 3195
Trying 172.16.4.100...
telnet: connect to address 172.16.4.100: No route to host
telnet: Unable to connect to remote host: No route to host

but when I stopped iptables

Code:

# service iptables stop

Its working fine

i added the ports in iptables i.e.

Code:

#iptables -A INPUT -p tcp --dport 3195 -j ACCEPT

for safe side I also added telnet port

Code:

# iptables -A INPUT -p tcp --dport 23 -j ACCEPT

but result was same.... In short telnet works without iptables but with iptables it generates the error mentioned above

View 10 Replies View Related

Ubuntu Security :: Difference In The Output Of A Port Scan Using Zenmap On The Same System With UFW Turned Off And Then With It Turned On

Feb 16, 2010

This is the difference in the output of a port scan using Zenmap on the same system with UFW turned off and then with it turned on. It is obvious that UFW works.

View 6 Replies View Related

Networking :: Outbound Connections Not Working When Firewall Enabled - Opensuse

Jan 17, 2011

I have problem on VPS running opensuse. When I enable firewall outbound connections stop working. I have tried everything I know (not much when it comes to firewall (iptables)) but could not solve this.

Here is my ifconfig:

Code:

I used xxx.xxx.xxx.xxx to hide real address.

View 2 Replies View Related

Debian :: How To Use IPtables - Basic Firewall Setup

May 16, 2010

Recently I have been working on iptables and trying to understand how to use it. Here's a little script I have written to setup a basic firewall for myself:

Code:
#!/bin/bash
if [ `id -u` -ne 0 ]; then
echo "You need root privilege"
exit 1
fi

PROG=/sbin/iptables
$PROG -F
function sethttp {
echo "Opening http port..."
$PROG -A INPUT -p tcp --dport 80 -j ACCEPT
}

function sethttps {
echo "Opening https port..."
$PROG -A INPUT -p tcp --dport 443 -j ACCEPT
}

function settorrent {
echo "Opening torrent port..."
$PROG -A INPUT -p tcp --dport 52413 -j ACCEPT
}

while getopts "hst" option; do
case "$option" in
h) sethttp;;
s) sethttps;;
t) settorrent;;
*) echo "DOH!"
esac
done

$PROG -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
$PROG -A OUTPUT -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
$PROG -A INPUT -i lo -j ACCEPT
$PROG -A OUTPUT -o lo -j ACCEPT
$PROG -A INPUT -j DROP
$PROG -A FORWARD -j REJECT
echo "Done setting up the firewall! Enjoy :)"
exit 0

OK, this can take 3 arguments that open ports 80, 443 and 52413. And at the end, some default rules are applied. But here's the thing I don't understand:
if I don't give the argument for port 80, I can still view web pages... and also, when I remove the line:

Code:
$PROG -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Whether I say it to open port 80 or not, I can't view any web pages.

View 1 Replies View Related

General :: Firewall Graphics Interfaces For IPTables?

Jun 7, 2010

I had been using Guarddog for iptables but I updated to KDE4 and guarddog does not work with KDE4, neither does Firestarter. Is there a Graphical interface for iptables available that works with KDE4?

View 2 Replies View Related

Server :: Iptables Firewall To Allow Ssh On Port 3210

Mar 9, 2010

I have setup sshd_config for port 3210! I have difficult setup the iptables firewall to allow ssh on port 3210! i always enter this:

iptables -A INPUT -p tcp --dport 3210 -j ACCEPT
iptables -A OUTPUT -p tcp --sport 3210 -j ACCEPT

but after i restart ssh, the system do not allow port 3210... why? do i forget something?

View 4 Replies View Related

Ubuntu Security :: Firewall - IPTables Stock Settings Safe?

Apr 15, 2010

So I know Linux has iptables, I'm rather new to linux, and I'm wondering, are the stock settings with Ubuntu/Kubuntu safe? Is there anything I need to do make them more secure? I tried adding rules myself for some things but ended up just not being able to do anything so I had to reset back to stock with iptables -F. Should I be safe running as-is?

View 4 Replies View Related

Ubuntu Security :: Exploits In Kernel - Possible To Bypass IPTables Firewall

Jul 4, 2010

When there is an exploit in the kernal, can the iptables firewall get bypass? If yes,how do you know? Otherwise how can you find out.

View 9 Replies View Related

Networking :: Old Iptables Script Not Working With New Install?

Jun 10, 2009

I have an old iptables script (?) that I got from iptablesrocks.org, which works fine with my antique Fedora 4 system. I transferred it to a brand new RHEL 5.3 install, but when I go to use 'iptables-restore < firewall_script' it throws a 'no command specified' error at the very last line of the script, which I have never seen before. The script works fine on Fedora 10 and RHEL 5.1, I am pretty sure it even works fine on RHEL 5.2. Could it be that the fact that I am using 64-bit Linux for the first time, and need to do something different? Here is the script: [URL]

View 5 Replies View Related

Networking :: Cannot Login Using Ssh (iptables Not Working As Expected)

Jun 20, 2010

On the computer on which I have to login, Shoreline is installed.I know I can add rule to /etc/shoreline/rules but I decided to manually enter an iptable rule by typing:

Quote:

/sbin/iptables -A local2fw -s 10.100.98.74 -p tcp -m tcp --dport 22 -j ACCEPT

Then why am I not able to login using 10.100.98.74... I get connection refused error...

View 3 Replies View Related

Networking :: Iptables Port Forwarding Not Working?

Jan 28, 2011

I've used iptables since it replace ipchains, and I've never had a problem like this.The problem is, as you can see by the title, that port forwarding simply does not work.

network topology:
Slackware Linux Server:
eth0 - LAN (192.168.0.0/25)
eth1 - DSL Static IP
eth2 - cable Static IP

eth1 is our standard office connection; it handles all of our default traffic (web browsing for the staff, email, etc). eth2 is our VPN connection, as well as use for all incoming connections (www, etc). Behind the linux box I have a series of Windows Server 2008 R2 boxes that are used to run our office software, website, etc - I don't care how nice they make their products these days, I simply don't trust any MS box open to the net.
Therefore, this leaves me with having to port forward port 80 from eth2 to the internal IP address of the web server.

My ruleset is as follows:

$WWW - ip address of the web server
iptables -A FORWARD -d $WWW -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i eth2 -p tcp --dport 80 -j DNAT --to $WWW

Running ip route shows that I have routing entries for all 3 networks, and I can ping, ssh, etc to any of the addresses without issue. OpenVPN connects across eth2 as well, and all 15 of my VPN tunnels work fine. However - and here's the kicker - if I delete the default route and replace it with the route for eth2, port forwarding works fine.

If we accept that my networks are as follows:

192.168.0.0/25 - eth0 net, gw .1
1.1.1.0/29 - eth1 net, gw .1, eth1 ip .2
2.2.2.0/30 - eth2 net, gw .1, eth2 ip .2

then ip route reveals the following:

2.2.2.0 via 2.2.2.1 dev eth2
2.2.2.0 dev eth2 scope link src 2.2.2.2
1.1.1.0 dev eth1 scope link src 1.1.1.2

[code]....

View 7 Replies View Related

Networking :: Iptables Postrouting SNAT Not Working?

Aug 9, 2009

trying to alter the source IP of my outgoing http packets through iptables. This should be simple enough, right? Regardless, I'm cracking my head trying to understand what I am doing wrong. Wireshark shows that the outgoing packets do not have the source IP modified at all. I want this to happen for TCP packets sent on Port 80 (http traffic). I am using the nat table in iptables to attempt POSTROUTING. I've tried several different rules at separate times:

iptables -t nat -A POSTROUTING -p tcp --dport 80 -j SNAT --to-source 172.16.8.50 <--- Still sends out TCP packets as originating from 172.16.8.100
iptables -t nat -A POSTROUTING -s 172.16.8.100 -p tcp --sport 80 -o eth0 -j SNAT --to-source 172.16.8.50:80 <--- Still sends out TCP packets as originating from 172.16.8.100

iptables -t nat -A POSTROUTING -d 172.16.10.71 -j SNAT --to-source 172.16.8.50 <--- This rule was a last-ditch effort. It is supposed to rewrite the source IP for ALL packets going to the single client machine. Still doesn't work - the packets have the source IP unchanged.

I have another server - let's call it serverB/172.16.8.50 - that forwards all http TCP packets on port 80 to serverA/172.16.8.100. This part works. But when ServerA responds, it responds with its source IP for ServerA. I need it to respond with the source IP of ServerB. Otherwise, the client gets confused and ignores the packets (because the client sent an HTTP request to ServerB, but the response comes from ServerA).

View 14 Replies View Related

Networking :: Putty Not Work When IPTABLES Is Working?

Jan 18, 2011

I am using putty in my windows machine to access my Linux server terminal.

Code:

Putty works fine if I disable my Linux IPTABLES. My Windows machine IP is 192.168.1.249
Linux server IP address is 192.168.1.200 I don't know how to allow it through IPTABLES.The port which putty is using is 22.

View 3 Replies View Related

Debian :: Written A Simple Script For Iptables (rc.firewall)?

May 16, 2011

this is my first post and I'm a newbie with debian.I have written a simple script for iptables (rc.firewall)

#!/bin/sh
### BEGIN INIT INFO
# Provides: Script Firewall for IP-tables

[code]....

View 2 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved