I have Ubuntu Server (x64) installed on my box with Apache2 and Squid. For awahile port 80 (http) was fine, I could update packages and use wget. Then one random day port 80 became blocked for incoming traffic. I couldn't use apt-get and had to change to an ftp mirror to update. Also wget is not working.
View 3 RepliesSo first off, it probably seems this question has been asked thousands of times before. but I did do a search, mostly archived posts that ended up being something other than a true ip blocking of the port. [URL]..
So my port 80 is truly blocked. Ive tried setting up the port forwarding on my router, Ive tried manually allowing all traffic on port 80 through ip tables. Ive even dabbled with setting up something like openDNS to see So far nothing, Im only available on my local network.
There has to be some way to do a redirect though. even something as simple as an htaccess file redirecting [URL].. xxxx (the space is there to avoid my url being interrupted by a smiley
I will be setting up a web server at my house. It will be a simple page for my family to keep in touch and maybe some other stuff. Here is the problem: I believe my ISP blocks port 80. So when setting up the firewall and it list the normal port 80 am I able to edit to say 8080? I have a ddns already setup for my router and I am waiting for an email back from DynDNS.com on setting up a new domain to forward to my already setup hostname. I just need to get everything redirected to another port beside 80.
View 4 Replies View RelatedHow can I set my server to listen at a different port for http access. I would like to use port 8080 (to circumnavigate isp blocks). Also can I do the same thing for sftp connections?
View 3 Replies View RelatedIt appears that my ISP is blocking port 80, so I can't set up a proper website on my home computer. I'd like to choose a different port to use (they block 443 also), and I'm not sure how to do this with Fedora (or any Linux flavor for that matter
View 2 Replies View RelatedWhen I turn on my SeLinux to enforcing mode on my Red Hat system ssh stops working and my http server stops responding.
I went into the SeLinux GUI and enabled things in there but still it wont work.
Any thoughts on what to check?
permissive mode and disabled they work
I read several articles that say it should not be affect by SeLinux and the setting look correct but the only thing I do is turn on SeLinux and ssh /httpd stop working
ps -eZ | grep sshd
system_u:system_r:unconfined_t:SystemLow-SystemHigh 432 ? 00:00:00 sshd
system_u:system_r:unconfined_t:SystemLow-SystemHigh 2426 ? 00:00:00 sshd
[root@goxsa1340 ~]# ps -eZ | grep httpd
user_u:system_r:httpd_t 3044 ? 00:00:00 httpd
[Code].....
I installed Nagios on my Ubuntu 10.04 server using apt-get and when I accessed the web console, everything was OK. I made some changes to apache (creating some new virtual sites) and since then Nagios gives me a warning message for HTTP with the message, HTTP WARNING: HTTP/1.1 404 Not Found. The sites that I created are working perfectly. I noticed that the attemps are 4/4. Does this need to be reset or does Nagios automatically reset that once it detects the issue is resolved?
View 1 Replies View RelatedMy ISP (Cox) is blocking port 80 and I would like to know if there is a way to open it again. I am to taking about 8080, 8000 or 81 I want to use 80 so I can host my website and every one can access it without the need to put [url]:[PORT] at the URL
View 2 Replies View RelatedI have the default to deny all. The only rule I have in there is:
Code:
To Action From
-- ------ ----
[code]....
In order to connect to the internet when i am at work i have to use a proxy server; the problem is that this proxy also blocks port xxxxx which is used by a internet radio station. Is there any way to be able to listen to that radio station?
View 5 Replies View RelatedI'm having an issue with ufw and Synergy. I'm trying to run my Xubuntu 10.10 desktop as a server, and my Xubuntu 10.10 laptop as a client. I can do this just fine as long as I either: Have ufw enabled on my client but disabled on my server Have ufw disabled on both my client and my server I have no custom rules added to iptables on my client. On my server, however, I have tried the following rules:
$ ufw allow from 192.168.0.0/24 to any port 24800 $ ufw allow from 192.168.0.0/24
Neither of these configurations works. ufw on my server seems to block my client's requests regardless of having port 24800 fully open from any local connection, or just flat-out fully allowing any incoming local connection. I'm not sure why ufw seems to be ignoring the rules I'm creating, but as it stands right now, the only way I can connect the two is if I have ufw on my server disabled. And I have tried to ping the two machines; each machine can ping the other, even if ufw is running on both.
And I can ping the router, as well, from both machines. Any ideas on where to go from here to troubleshoot? I should probably also add that I am using the same configuration file that I do on vanilla Ubuntu (with updated host names, of course), and I have no problems in Ubuntu. This seems to be specific to ufw and my Xubuntu desktop. I can paste the code for my server's configuration file, if desired.
I have cloned an embedded system that runs Opensuse 11 x86 using dd. The embedded system uses a simple serial device, by writing to the relevant device file (/dev/ttyS2, usually). Curiously, when I write to the same serial device on the newly cloned system (which, incidentally, has almost identical hardware), thusly:
echo hello > /dev/ttyS2 the command blocks for up to a minute, before finally returning without making the hardware do anything. I can boot into Opensuse's rescue system on the clone and successfully do exactly the same thing, as I can when I boot the original's "identical" operating system. Why might this problem occur? What can I do about it?
I am currently having problems with my server. Its being DDOSed. I have a vps with Centos 64bit. The attack I want to block is udp flood. I was trying to do something like this: iptables -I INPUT -p udp --dport 123 -m limit --limit 40/s -j DROP but instead of blocking certain hosts it blocks the whole port and during the attack its unreachable. How to limit packets per host or any other way to protect from udp flood.
View 11 Replies View RelatedI am currently running Debian 6. I would like to know if there is a way and how i would go about blocking a certain IP range from connecting to my server within a certain port range. Say for example.
i want to block ip range 123.123.123.* from connecting to my server on the ports 33000 - 43000. But, i want to allow them to connect on any other port range, and i want to be able to allow connections from my server to the blocked ip range on those same ports. so, blocking incoming only on the above port range.
using iptables.
I am at a loss how to prevent Denial of Service attacks to port 25 and not block legitimate connections from 2 Barracuda 800(s) and block smart phones such as iPhones/Blackberrys/iPhones that use the server smtp.server.com for email.
Presently for port 25
RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 25 -j ACCEPT
The 2 Barracuda 800(s) make port 25 connections all the time, plus users with smart_phones have the incoming server type:
IMAP
pop.server.com
smtp.server.com
Is there a way to keep Denial of Service attacks from happening with iptables rules without causing blocking to the Barracuda(s) that make constant port 25 connections & smart phones that poll? I was thinking if I allowed the Barracuda(s) in these lines
-s (barracuda)24.xx.xx.xx -d (emailserver)24.00.xx.xx -p tcp -m tcp --dport 25 -m state --state NEW -j ACCEPT
Where the source would be the Barracuda going to the email server. It would be allowed, then I am left with how to allow other connections like Smart_Phones that connect via Port 25. I am thinking if I put rules in place doing connection counts in a minute it would result in errors connecting to the server and people would start complaining. Plus any limiting may result in blocking real traffic. Then would I need to allow the ISP range in the above example to accept port 25, I am still left with how to drop a flood/denial of service attack.
I want to ENABLE SSL on a PORT 2222 :
Now this works fine. But I also want the HTTP URL to work and redirect it to HTTPS.
When I visit http://IP:2222 I get :
Quote:
Bad Request
Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.
Hint: [url]
How should I make this request of [url] CT to [url]
* a router/gateway. The external interface have the public IP, an other the DMZ, a third the internal room* a DMZ with the web server* an internal network (internet public room)I redirect the http port 80 to the web server. You should see him there.But I can't see this web site from the internal room. From the public IP /URL I have some sort of non existent message (sorry forgot to copy it). If I call for the private IP, I get the home page (but not the CSS files)the gateway nat's the networks.What is the trick to see the web site from the internal network?
View 4 Replies View RelatedHow can I find out which process is listening on a port on linux?
View 5 Replies View RelatedI have to retrieve a http request from a particular port using libcurl. I'm using localhost .I am done with retrieving http request using socket programming. how to start integration of libcurl in simple socket programming code.
View 1 Replies View Relatedi have a problem........ How to redirect local http port to remote ip ddress(192.168.10.64) using iptables..my destro is Centos 5.3 my rule is this iptables -t nat -A PREROUTING -s 0/0 -d <my local ip> -p tcp --dport 80 -j DNAT --to-destination 192.168.10.64
View 1 Replies View RelatedI have a SSH server on Ubuntu 10.04 running behind a NAT. I have done the port-forwarding at the router. However say for example I want to restrict people connecting to the SSH server by country IP's. When I configure ufw with the following rule it still lets the IPs that are restricted through. Any idea why
sudo ufw allow from xxx.xxx.xxx.xxx/24 to any port 2556
I'm simply trying to make a little restriction on www packets under two rules:
1. Allow inbound/outbound www packets (works!)
2. DROP inbound traffic to port 80 from source ports less than 1024. (DOES NOT WORK!)
Now, technically, when i use hping to test my rules, hping3 192.168.100.100 -S -p80 -s 1023 I should NOT receive any packets. However, i still receive packets, which means my rule that says less than 1024 does not work. (see below)
And this is my iptables rules in shell-script so far:
#!/bin/sh
DEFAULT_NIC=eth0
SERVER_IP="192.168.100.100"
ALLOWED_WWW_PORT=80
IPT="/sbin/iptables"
[Code].....
not blocking sites
Code:
dbhome /var/lib/squidguard/db
logdir /var/log/squid
dest block {
domainlist block/domains
[Code]....
under db I created a directory block where I created a domain file and a urls file dosen't seem to be working
I have a home server that I built recently and I have been looking into things I can make it do, and one idea that came up was software to manage incoming calls. The main thing I want is something that can block numbers, but it would also be nice if it could record calls or broadcast the caller id over my wireless network somehow. I've tried Googling around, but I really didn't find much.
View 7 Replies View RelatedI blocked facebook and ..... but if any one change the http with https its open with him how can i mange https like http.
View 9 Replies View RelatedMy IP has been blocked by Composite Blocking List for " IP Address 207 is listed in the CBL. It appears to be infected with a spam sending trojan or proxy. It was last detected at 2011-01-02 11:00 GMT (+/- 30 minutes), approximately 1 days, 3 hours, 29 minutes ago. It has been relisted following a previous removal at 2010-12-30 17:15 GMT (3 days, 21 hours, 2 minutes ago)"
How do I find this "trojan" and remove it???? I have a network of 6 computers right now, 5 are running Ubuntu (3 server and 2 Desktop versions) and one windows computer. I have run a virus scan in the windows computer and found nothing. How can I scan a linux computer for a virus?
For system calls, is blocking or non-blocking default in C? Simple question, just am not seeing the answer super quickly.
View 4 Replies View RelatedI have a device that is working on modbus protocol andI have written a small program(with block TCP read method ) to read its registers via modbus protocol.my program is working very well but except those times that I unplug the Ethernet cable or turning off the modbus gateway during programs work.at this time my program stops on recv system call (if it reach this system call exacly when I unplug Ethernet cable or turning off the modbus gateway during programs work).I changed my source to work in nonblock TCP method, at this time with the same situation my program does not stop/block on recv system call but after pluging back the Ethernet cable or resuming the connectivity situation back it reads data incorrectly .this is my code:Quote:
#define DEBUG
#include <fcntl.h>
#include <string.h>
[code]...
I'd like to report an issue I've had with Ubuntu server ISO. I downloaded ubuntu-9.10-server-i386.iso by HTTP on ubuntu's website and burned it on a CD. It doesn't work well. I got an error in udevadm sys/devices/pci0000 etc. it was a problem with the hardware, but it seems that it's the ISO that is corrupted. I checked the MD5 checksum and it's not good. Then I download the same ISO a second time (by HTTP) and same problem.
So it seems to me that the ubuntu-9.10-server-i386.iso that we can download by HTTP is not the same as the torrent one. Maybe I'm wrong. Anyway, if I'm right I hope this information will be useful for administrators.
I'm thinking about some ways to limit access to my web-server. It runs Nginx and php in FCGI. The server contains a large amount of information. The data is freely available and no authentication is required but other companies might like to mirror it and use on their own servers.
The requests could be limited on different levels: IP, TCP, HTTP (by nginx) or by the php application. I found some solutions (like Nginx's limit_req_zone directive), but they do not solve the second part of the problem: there's no way to define a whitelist of clients who are allowed to use the data.
I thought about an intellectual firewall that would limit the requests on IP basis, but I'm yet to find such device. Another way was to hack some scripts that would parse the log file every minute and modify the iptables to ban suspicious IPs. It would take days and I doubt this system will survive, say, 1000 requests per second.
Perhaps, some HTTP proxy, like Squid, could do this?