I've got a machine on my network that's just running default Ubuntu 9.10, but I was considering setting up a network dhcp service on it to manage my machines. As such I was just wondering about configuring the iptables for it.
Reading about, I believe all incoming connections are dropped by default in a standard installation of Ubuntu anyway. If so, is it simply a case of enabling UFW and using it to allow the appropriate port for the dhcpd service and not touching anything else and everything should remain secure?
I have configured iptables on my system and it is working. But I can't find the iptables kernel folders, such as iptables/extensions/Makefile, to make a utility. Where do I locate them, or how do I download and install them?
I am encountering problems configuring my firewall (through iptables) to allow apt-get features like update and install. I have the latest Debian server running in a virtual machine on my Windows XP, and therefore I have two interfaces in this Debian server:
- NAT interface, inet: 10.0.2.15
- Host Only interface, inet: 192.168.56.101
So far my iptables rules drop all packets by default, except ICMP and SSH, which I allow so I can ping and connect from my Windows XP. For both of them I use only the Host interface (192...) to connect to another 192... interface on my Windows.
Those are working fine, but apt is not. I know that at this very moment it shouldn't. But I made a lot of attempts trying to configure iptables to allow connections through ports 80 and 21 from/to NAT and Host. I think I tried every possible combination (or not, because it didn't work). But I'm wondering if someone more experienced can help me solve this problem.
I'm looking to use Linux (Ubuntu 9.10) as a network bridge between two subnets. I can configure iptables to permit all traffic on eth0 (subnet 1) to pass to eth1 (subnet 2), but before transmitting that traffic I want to perform further analysis. Is it possible within iptables, or via a third-party product such as pyroman, to write a "hook" that then directs that traffic to another application installed on the same host?
I am trying to configure iptables for only HTTP and HTTPS traffic. I start by blocking all traffic, which works, via:
Code:
iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
I then try to allow HTTP and HTTPS on eth0 with these commands, which does not work:
Code:
iptables -A INPUT -i eth0 -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 80 -m state --state ESTABLISHED -j ACCEPT
Code:
iptables -A INPUT -i eth0 -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -o eth0 -p tcp --sport 443 -m state --state ESTABLISHED -j ACCEPT
After these commands I should be able to access the internet. Does anyone know why this is not working?
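For comparison, here is an added example (my own, not from the post above) of a "web client only" policy: the poster's OUTPUT rules match --sport 80/443, which is what a web server sends, whereas a client sends to --dport 80/443 and gets the replies back on INPUT as ESTABLISHED, and without loopback and DNS the box cannot resolve names. The interface name eth0 is taken from the post; the dry-run/APPLY switch is an assumption of this example.

```shell
#!/bin/sh
# Added example, not from the thread above. The poster's OUTPUT rules match
# --sport 80/443, which is what a web *server* sends; a web *client* sends
# to --dport 80/443, and the replies come back on INPUT as ESTABLISHED.
# Without DNS (udp/53) and loopback the box also cannot resolve names.
# IFACE defaults to the interface used in the post.
IFACE="${IFACE:-eth0}"

# Print each rule instead of applying it unless APPLY=1, so the policy
# can be reviewed (and unit-tested) without touching the live firewall.
rule() {
    if [ "${APPLY:-0}" = 1 ]; then
        iptables "$@"
    else
        printf 'iptables %s\n' "$*"
    fi
}

web_client_rules() {
    rule -F
    rule -P INPUT DROP
    rule -P FORWARD DROP
    rule -P OUTPUT DROP
    # loopback: local resolvers and many daemons depend on it
    rule -A INPUT -i lo -j ACCEPT
    rule -A OUTPUT -o lo -j ACCEPT
    # replies to connections this host opened (the piece the post lacks)
    rule -A INPUT -i "$IFACE" -m state --state ESTABLISHED,RELATED -j ACCEPT
    # outbound client connections: DNS first, then HTTP and HTTPS
    rule -A OUTPUT -o "$IFACE" -p udp --dport 53 -m state --state NEW,ESTABLISHED -j ACCEPT
    rule -A OUTPUT -o "$IFACE" -p tcp --dport 80 -m state --state NEW,ESTABLISHED -j ACCEPT
    rule -A OUTPUT -o "$IFACE" -p tcp --dport 443 -m state --state NEW,ESTABLISHED -j ACCEPT
}

# Number of rules the policy emits; used as a quick sanity check.
count_rules() {
    web_client_rules | wc -l | tr -d ' '
}

# Dry run: show the rules. Apply for real with: APPLY=1 sh this_script.sh
web_client_rules
```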
I recently installed a new Ubuntu PC that runs iptables and PSAD. I had the same script on another Ubuntu PC, but when I copied the script onto the new PC, I got this error. I don't remember where I found the tutorial for this, all I know is that this is the script (Edited for my usage):
Code:
#!/bin/bash
# Script to check important ports on remote webserver
# Copyright (c) 2009 blogama.org
# This script is licensed under GNU GPL version 2.0 or above

root@NETWORK-SERVER:/var/ddosprotect# ./ipblock.sh
' not found.4.4: host/network `127.0.0.1
Try `iptables -h' or 'iptables --help' for more information.
' not found.4.4: host/network `192.168.1.8
I am unable to restore my iptables from iptables-save after upgrading Fedora. I cannot get iptables-restore to work, and I have resorted to entering rules manually using the GUI.
I am facing a strange problem with my iptables: there are some firewall entries stored somewhere which are still displayed even after flushing the iptables, and when I restart the iptables service the firewall entries are shown again in my iptables, as shown below:
To expand: I'm trying to set up a box with l7-filter, and I need to patch and compile iptables 1.4.1.1 as part of the process. I ./configured it with the prefix= argument so it would install into /sbin instead of /usr/sbin, and I did a yum remove iptables before installing it so as not to get in the way of the original iptables, but I'm wondering if this is really necessary - it's kind of annoying, because removing the original iptables removes the init.d script, deregisters the service, etc. If I don't, is it possible that iptables 1.4.1.1 might get overwritten in a system update or something, or will yum see that I've got a custom/newer version in there and leave it be?
I've tried iptables save, iptables-save and iptables save active.
"iptables save" and "iptables save active" give me an invalid argument error. "iptables-save" isn't a valid command. "iptables --help" gives me a list of valid switches, none of which have to do with saving.
I am trying to follow this tutorial below so that I can get Text to the right of icons on the GNOME desktop. [URL] Everything so far has worked fine, except when I get to step 3 where I compile Nautilus. When I try to run the command ./configure --prefix=/usr It tells me bash: ./configure: No such file or directory
I found a tool made for Ubuntu called Xautoclick. I downloaded it and it is called "xautoclick-0.30.tar.gz". The installation notes say: "Be sure you have the proper development packages for your distribution installed (i.e. something like xserver-xorg-dev, gtk2-dev, et cetera). After that, run:
./configure
make
sudo make install"
I have no clue what to do... I typed "./configure" in the terminal and it says "bash: ./configure: No such file or directory".
kpilot worked just fine with my Palm Tungsten T3 on OpenSuse 10.3. I recently upgraded to 11.2 and have had numerous problems. It took me a while to get the hardware talking (documented in another thread), but now the sync is proving to be problematic. A hotsync happens - and I can also sync fully with jpilot, but the sync isn't going anywhere. I'm hoping to sync with kontact, but it's impossible to tell as kpilot hangs whenever I try to configure the conduits through the "Configure kpilot" menu item. When syncing, the log complains of missing conduits:
I have tried to install and configure Hudson on CentOS version 5. I installed Hudson with Tomcat by deploying the .war files. After configuration was completed, I built a project. It displayed that the build was completed successfully, but I was not able to download the output of the build.
So I rechecked the configuration and found that I haven't set an artifact file pattern to archive. How do I set the artifact file pattern, and how do I get the build output? How do I manage Hudson using Configure System and the configure options? What is the correct way to configure a public Hudson?
I want to install a program from this website http:[url].... and I downloaded the option "hydra-6.3-src.tar.gz". I tried following the instructions on this page: https:[url].... but when I get to the ./configure step it says "bash: ./configure: No such file or directory".
I started to use ufw instead of iptables on the terminal, but was wondering if ufw could be installed on a Red Hat based system? I'm asking because my office has a mix of systems and I would prefer to use ufw on these rpm based systems.
So I've used UFW for quite some time now and its been great. But I'm thinking its time to take the plunge into iptables. I want to start blocking repeated connections from IPs trying to brute force my SSH.
I've been reading up on iptables, and it doesn't seem too bad. But I have a few questions I'm hoping people can help with.
1) If I've been using UFW, do I need to do anything special to switch to iptables? I was just going to do "ufw disable". But do I need to uninstall it, or do something special? Because even when I do ufw disable, there are still lines in the iptables talking about ufw.
2) Regarding those lines, do I need to get rid of them? Is there a way to revert iptables back to default? These are the lines:
Code:
3) I've read some things that the order of rules in the "chain" matters, but I don't fully understand it. Does it just mean that whatever comes first within the chain takes precedence? So does that mean that if I want to add a new rule, I can't just add it, but I have to make sure it gets listed in the right order?
4) I don't fully understand what these "chains" are either. I can kind of understand the three main ones, INPUT, FORWARD and OUTPUT. But then ufw seems to have added a lot of other ones. What are those?
5) Again on chains: if I add a drop IP to the INPUT chain, from my understanding it prevents it from connecting to you. Do I need to put it in the FORWARD chain also, or just worry about the INPUT chain to prevent connections to me?
I'm new to Ubuntu and Linux and still trying to figure things out. Are UFW and iptables the same, or are they two different firewalls? The reason I ask this is that I can load up Firestarter (which, from what I've read, controls iptables), then go into a terminal and run "ufw status", and it shows disabled. What I'm ultimately trying to do is to open up a port so Vuze and/or Transmission BitTorrent will work, but I have not had any success.
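Since the post above asks both how to block repeated SSH connection attempts and whether rule order in a chain matters, here is an added example (mine, not from the thread) of an iptables-restore ruleset that uses the "recent" match; the list name "ssh" and the threshold of 4 new connections per 60 seconds are assumed values.

```shell
#!/bin/sh
# Added example, not from the thread. iptables walks a chain top to bottom;
# the first rule whose match succeeds and whose target is terminating
# (ACCEPT/DROP/REJECT) decides the packet. LOG is non-terminating, so the
# packet continues to the next rule. That is why the DROP below must sit
# above the final ACCEPT for port 22. Threshold values are assumed.
ssh_ratelimit_rules() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# 1) record the source of every new SSH attempt in the list named "ssh"
-A INPUT -p tcp --dport 22 -m state --state NEW -m recent --name ssh --set
# 2) 4 or more hits in 60 s: log it (non-terminating, so we fall through) ...
-A INPUT -p tcp --dport 22 -m state --state NEW -m recent --name ssh --rcheck --seconds 60 --hitcount 4 -j LOG --log-prefix "ssh-bruteforce: "
# 3) ... then drop it; this rule must come BEFORE the ACCEPT or it never fires
-A INPUT -p tcp --dport 22 -m state --state NEW -m recent --name ssh --update --seconds 60 --hitcount 4 -j DROP
# 4) anything that reaches this point is under the threshold
-A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
COMMIT
EOF
}

# rule_position PATTERN: line number of the first ruleset line containing
# PATTERN, used to check that the DROP really sits above the ACCEPT.
rule_position() {
    ssh_ratelimit_rules | grep -n -- "$1" | head -n1 | cut -d: -f1
}

# Review with: ssh_ratelimit_rules
# Apply with:  ssh_ratelimit_rules | iptables-restore
ssh_ratelimit_rules
```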
Implementing each type of NAT using iptables:
- Full Cone NAT
- Restricted Cone NAT
- Port Restricted Cone NAT
- Symmetric NAT
Explanation: Full Cone: A full cone NAT is one where all requests from the same internal IP address and port are mapped to the same external IP address and port. Furthermore, any external host can send a packet to the internal host, by sending a packet to the mapped external address.
Restricted Cone: A restricted cone NAT is one where all requests from the same internal IP address and port are mapped to the same external IP address and port. Unlike a full cone NAT, an external host (with IP address X) can send a packet to the internal host only if the internal host had previously sent a packet to IP address X.
Port Restricted Cone: A port restricted cone NAT is like a restricted cone NAT, but the restriction includes port numbers. Specifically, an external host can send a packet, with source IP address X and source port P, to the internal host only if the internal host had previously sent a packet to IP address X and port P.
Symmetric: A symmetric NAT is one where all requests from the same internal IP address and port, to a specific destination IP address and port, are mapped to the same external IP address and port. If the same host sends a packet with the same source address and port, but to a different destination, a different mapping is used. Furthermore, only the external host that receives a packet can send a UDP packet back to the internal host.
On the netfilter mailing list, Pedro Goncalves suggested the following, where 192.168.2.170 is the "public" address and 10.0.0.1 is the "private" address:
- "Full Cone NAT", with the following rules:
Code:
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source 192.168.2.170
iptables -t nat -A PREROUTING -i eth0 -j DNAT --to-destination 10.0.0.1
- "Port Restricted Cone NAT", with just a single rule:
Code:
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to-source 192.168.2.170
I want to block all outgoing traffic with iptables and only allow a few specific websites. I would like to get the code to do so and also to revert the changes in case I want to unblock them.
When I try to run anything that uses iptables, even just iptables -L, I get:
Code:
1+drm33.2/modules.dep: No such file or directory
iptables v1.4.4: can't initialize iptables table `filter': iptables who? (do you need to insmod?)
Perhaps iptables or your kernel needs to be upgraded.
This is on a fresh Ubuntu minimal install, using my VPS host's image (so they could have messed something up). I know there have been issues in the past with iptables on Ubuntu on Xen. Is this an Ubuntu bug? Is there a solution?
Incidentally, depmod -a gives:
Code:
WARNING: Couldn't open directory /lib/modules/2.6.32.11+drm33.2: No such file or directory
FATAL: Could not open /lib/modules/2.6.32.11+drm33.2/modules.dep.temp for writing: No such file or directory