I have a SSH server on Ubuntu 10.04 running behind a NAT. I have done the port-forwarding at the router. However say for example I want to restrict people connecting to the SSH server by country IP's. When I configure ufw with the following rule it still lets the IPs that are restricted through. Any idea why
sudo ufw allow from xxx.xxx.xxx.xxx/24 to any port 2556
So first off, it probably seems this question has been asked thousands of times before. but I did do a search, mostly archived posts that ended up being something other than a true ip blocking of the port. [URL]..
So my port 80 is truly blocked. Ive tried setting up the port forwarding on my router, Ive tried manually allowing all traffic on port 80 through ip tables. Ive even dabbled with setting up something like openDNS to see So far nothing, Im only available on my local network.
There has to be some way to do a redirect though. even something as simple as an htaccess file redirecting [URL].. xxxx (the space is there to avoid my url being interrupted by a smiley
not blocking sites
Code:
dbhome /var/lib/squidguard/db
logdir /var/log/squid
dest block {
domainlist block/domains
[Code]....
under db I created a directory block where I created a domain file and a urls file dosen't seem to be working
I have Ubuntu Server (x64) installed on my box with Apache2 and Squid. For awahile port 80 (http) was fine, I could update packages and use wget. Then one random day port 80 became blocked for incoming traffic. I couldn't use apt-get and had to change to an ftp mirror to update. Also wget is not working.
View 3 Replies View RelatedI have a home server that I built recently and I have been looking into things I can make it do, and one idea that came up was software to manage incoming calls. The main thing I want is something that can block numbers, but it would also be nice if it could record calls or broadcast the caller id over my wireless network somehow. I've tried Googling around, but I really didn't find much.
View 7 Replies View RelatedI blocked facebook and ..... but if any one change the http with https its open with him how can i mange https like http.
View 9 Replies View RelatedMy IP has been blocked by Composite Blocking List for " IP Address 207 is listed in the CBL. It appears to be infected with a spam sending trojan or proxy. It was last detected at 2011-01-02 11:00 GMT (+/- 30 minutes), approximately 1 days, 3 hours, 29 minutes ago. It has been relisted following a previous removal at 2010-12-30 17:15 GMT (3 days, 21 hours, 2 minutes ago)"
How do I find this "trojan" and remove it???? I have a network of 6 computers right now, 5 are running Ubuntu (3 server and 2 Desktop versions) and one windows computer. I have run a virus scan in the windows computer and found nothing. How can I scan a linux computer for a virus?
For system calls, is blocking or non-blocking default in C? Simple question, just am not seeing the answer super quickly.
View 4 Replies View RelatedI have a device that is working on modbus protocol andI have written a small program(with block TCP read method ) to read its registers via modbus protocol.my program is working very well but except those times that I unplug the Ethernet cable or turning off the modbus gateway during programs work.at this time my program stops on recv system call (if it reach this system call exacly when I unplug Ethernet cable or turning off the modbus gateway during programs work).I changed my source to work in nonblock TCP method, at this time with the same situation my program does not stop/block on recv system call but after pluging back the Ethernet cable or resuming the connectivity situation back it reads data incorrectly .this is my code:Quote:
#define DEBUG
#include <fcntl.h>
#include <string.h>
[code]...
My question is quite simple:What are type of applications where socket in blocking mode can be used ?
And where non-blocking mode to be used ??
TCP is blocking by default.
My ISP (Cox) is blocking port 80 and I would like to know if there is a way to open it again. I am to taking about 8080, 8000 or 81 I want to use 80 so I can host my website and every one can access it without the need to put [url]:[PORT] at the URL
View 2 Replies View RelatedI'm trying to install libbz2-dev on my labtop.I'm running Kubuntu 10.04.Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming.
View 3 Replies View RelatedI am trying to backup my system with a script I found here. It gives me an error message of invalid blocking factor for --exclude=lost+found I have no idea what this means. I tried to search this form for that message and received no hits.
View 2 Replies View RelatedI can see what Firestarter is blocking in the Firestarter/Events tab, but after reading all the man pages of UFW, I still don't know how to check what the UFW is blocking.
View 9 Replies View RelatedAfter reading a lot about networking and security I decided to check the security of my own ubuntu box. So I went installing Nmap and discovered that port 139 was "open". Since I 'd read how to use ufw I created a deny rule for port 139. After a second scan with Nmap it still said that port 139 was open as shown below.
[Code]...
I'm trying to use VNC on my headless desktop server that's running lucid, but I can only use SSH because a pop asking me to unlock the keyring shows up every time I try to use VNC. I don't have a monitor for that desktop, so I was wondering, is there any way to remove the keyring/to automatically unlock it during autologin? I don't remember what a site I found it on, but I used this to remove my keyring yesterday. It's no longer working today.
View 4 Replies View RelatedI need assistance blocking application in Ubuntu 10.04. block all applications for certain users if they do not exist in a certain directory.For example,we would like to prevent users from launching a portable copy of Firefox from a portable HDD or Flash drive.
View 1 Replies View Relatedim having a bit of a problem with Firestarter, i have Transmission opened and i am downloading a movie but when i check Firestarter i see hundreds and hundreds of Ip's that are blocked, and like 10ip's every second that get blocked.
[Code].....
I have the default to deny all. The only rule I have in there is:
Code:
To Action From
-- ------ ----
[code]....
I might be misunderstanding the log but it looks like UFW is blocking connections. I want to allow all incoming and outgoing. I guess what I'm saying is that the servers on my computer will open ports but all other ports should respond with closed just like a default Ubuntu install. Trying to use UFW to monitor connections without really doing any firewalling.
Code:
Aug 1 07:14:07 universal-mechanism kernel: [311111.963762] [UFW BLOCK] IN=eth0 OUT= MAC=00:1f:c6:8a:e9:66:00:01:5c:32:f4:c1:08:00 SRC=72.21.203.146 DST=174.44.178.56 LEN=40 TOS=0x00 PREC=0x00 TTL=233 ID=51984 DF PROTO=TCP SPT=80 DPT=54466 WINDOW=8201 RES=0x00 RST URGP=0
I've setup ufw rules on my system but noticed that the rule i created to allow traffic from my local network is still dropping some RST and ACK packets. here's part of the output of dmesg
[Code]...
Once again I'm trying to get Enemy Territory running on my system. However as usual my graphics card is being a bitch. First of all some system information:
Code:
$ uname -a
Linux abel 2.6.31-20-generic #58-Ubuntu SMP Fri Mar 12 05:23:09 UTC 2010 i686 GNU/Linux
[code]....
I've been able to run *.*msi files in the past through WINE. Apparently the latest version of Ubuntu is blocking the action of launching my *.*msi file. Any way of unblocking this? Uploaded with ImageShack.us. BTW, the app I'm trying to install is Steam.exe.
View 2 Replies View RelatedI updated my system with system updates and when i restarted.I couldn't access the internet from my desktop. i got on laptop internet worked just fine..i disabled firestarter and mozilla connected to the internet just fine. I turned firestarter on. and i couldn't reach anything.. What do I have to do to get firestarter to allow me to connect to the internet via firefox
View 3 Replies View RelatedI am looking for a way to automatically block an ip address and add it to /etc/hosts.deny when they have 3 consecutive password failures or try connecting to a name that doesn't exist more than like twice to help limit the brute force attacks I am experiencing.Is there an easy way to do this already implemented in Ubuntu?
View 7 Replies View RelatedI've been using Deny Hosts for a couple of years now without trouble. My router forwards SSH calls to host tock on my LAN. My router's internet hostname is michigan. I keep an svn repository on tock and access it through michigan. In this way I can update my repository when I'm at home or away.Just today, however, whenever I try any ssh to michigan, I get a closed connection and find michigan in my hosts.deny file. I delete it, make a successful connection, but then on my next attempt - there I am in the hosts.deny file again.
I've worked around it by putting michigan into my hosts.allow file, but I would really like to know what's going on. I've configured Hosts Deny to lock out IPs after three failed attempts, but it is locking out michigan after one successful connection.
thought i'd try the firefox add on noscripts. didn't like it, uninstalled. now it is blocking things regardless and seemingly randomly. the forums for instance are a dog's breakfast.
why is this thing still ambling around like an aimless zombie? occasionally firefox just locks up and all i can do is shut it down. when i restart the machine or logout it makes no diff. the aimless noscripts zombie still lurks, playing havoc with my web experience.
any suggestions on how to completely kill this beast would be more than welcome. this machine runs smooth as and rock solid generally. the last thing i expected was some add-on bomb completely screwing things over. cheers.
edit: hmm, just had a thought. seems like java is not working so i look in add-ons and java add-ons seem to be uninstalled also. i'll have a tweak and get back ...
edit 2: when i go to videos, there are no thumbnails of the vids, just white squares and text, yet when i click a vid it plays without a problem. what the heck is happening? i don't believe that add-on could create so much havoc ... i didn't even make any changes to noscripts! installed it and visited about five websites then uninstalled.
Mobloquer starts up at boot and before I've even opened firefox or transmission or anything, mobloquer shows that is has started blocking several outgoing connections as well as ton of incoming connections. I was wondering if the outgoing connections is normal and what's a normal amount of network activity to show up in system monitor when I'm not actively using the internet.
View 2 Replies View RelatedI have an ubuntu 8.04 dedicated server running openssh which I am having problems with.
The server is based in England yet I am currently working from Thailand. Slow speeds and timeouts I am used to but it is now over 24hr since I have managed to SSH the server (from here).
I just tried remote desktop on my PC back in the UK and this connected straight away through both SSH and SCP.
Thinking that it may be the IP being blocked from my works network I switched off wifi on my phone and tried to connect over the data network a few times with no luck.
Another strange problem is that when we got the server it was locked into a chroot jail which SSH(22) always leads into. After accessing SSH on port 22 I have to run a break script to gain root access. The sshd_config file says that the server is listening on port 57 yet I have never been able to access this.
Code:
> netstat -a | grep ssh
tcp6 0 0 [::]:ssh [::]:* LISTEN
> iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
[Code].....
I need to block some of my sites with SQUID Proxy. I added following lines to my SQUID configuration file but still the site remains unblocked.How to block it?acl blocksites url_regex yahoohttp_access deny blocksitesI have also tried saving some url & filter content in a file and edited configuration as follows,acl blocksites url_regex "/etc/squid/squid-block.acl"http_access deny blocksitesThe squid-block.acl file contents are.cricinfo.commp3
View 2 Replies View Related