I'm running into a problem with ufw when enabled and need to edit before.rules but i simply do not know how to safely do so. This is a known issue [URL] The problem for me is;i issue the command sudo vi /etc/ufw/before.rules and i get there,i use the arrow keys to get to this part to replace "-m conntrack --ctstate" to "-m state --state" and i do not know how to execute this safely.I am using enter keys,delete keys and.
View 3 Replies
can i actually edit /etc/sysconfig/iptables and create/delete rules inside that file?will it work? i just find using the IPTABLES -A or -D command a hassle
View 3 Replies View RelatedI need to create filename 70-android.rules in the directory /etc/udev/rules.d/I have Adm privileges in my user account properties, but when I use sudo to create this file the Ubuntu OS does not allow me the privilege... I am running Ubuntu 10.04 LTS and here's the Terminal output below:daddy@gatomon-laptop:/etc/udev/rules.d$ sudo cat > 70-android.rulesbash: 70-android.rules: Permission denieddaddy@gatomon-laptop:/etc/udev$ ls -ltotal 8drwxr-xr-x 2 root root 4096 2011-03-16 18:03 rules.d-rw-r--r-- 1 root root 218 2010-04-19 04:30 udev.conf
View 2 Replies View RelatedI need assistance with my Snort Installation. I used Bodhi Zazen's Network Intrusion Detection System post and found it easier than the previous time I had done it. I am currently running Ubuntu 10.04 server and Snort 2.8.6.1 with BASE 1.4.5. I followed Bodhi Zazen's instructions and when I tested snort it ended with a Fatal Error due to ERROR: /etc/snort/rules/exploit.rules(264) => 'fast_pattern' does not take an argument
Fatal Error, Quitting.. Here is the entire output once I ran the test command: snort -c /etc/snort/snort.con -T Running in Test mode
[Code]...
I have a linux.img image for ubuntu.I want to edit file inside it, how can open it, edit a file, then remake the bin file?
View 7 Replies View RelatedI googled this question, no relevant results. I don't samba, ssh, or any P2P file sharing. Is udp neccesary for general web browsing/file downloading? What would be the best general ufw rules to set for above conditions and varying ip address? I know how to use the full ufw syntax in command line.
View 5 Replies View RelatedI've set up a number of mail filter rules in Evolution (10.4 by the way) but I can't find out how to run them manually.
I know in MS-Outlook I can do this. I have lots of mail to sort
I tried searching for an explanation on howto add a file but couldn't find anything.
View 5 Replies View RelatedI've setup ufw rules on my system but noticed that the rule i created to allow traffic from my local network is still dropping some RST and ACK packets. here's part of the output of dmesg
[Code]...
Is it possible to edit the "Places" menu the way one can edit the "Applications" and "System" menus on gnome?
Right-clicking on the bar gives only Applications and System as editable menus. I would like to remove some items from the places menu and add others of my own liking
I have a set of iptables rules generated by Firestarter, and i'm in the process of trying to familiarise myself with iptables itself, but there's one particular rule which is confusing me, perhaps somebody could explain it to me
My INPUT chain reads as follows:
Code:
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT tcp -- cdns01.plus.net anywhere tcp flags:!FIN,SYN,RST,ACK/SYN
ACCEPT udp -- cdns01.plus.net anywhere
ACCEPT tcp -- cdns02.plus.net anywhere tcp flags:!FIN,SYN,RST,ACK/SYN
[Code]...
Given that the firewall is actually blocking packets, it can't be this simple, so what am I missing?
How would you remove all iptable rules and chains?
View 2 Replies View RelatedI've configured iptables to act as a stateful firewall, but instead of simply rejecting packets I'd like to waste a potenial hackers time by droping any packet that would otherwise be returned. Are my rules sufficient or have I somehow opened myself up to an attacker by trying to write these rules myself?
View 3 Replies View RelatedI have a question related on udev rules. I have a SMS Gateway project using multiple usb gsm modem. I use huawei modem for this project. My goal are every time I plug in huawei devices on my ubuntu box it automatically mounts on specific ttyUSB port
e.g.
huawei 1 -> ttyUSB1
huawei 2 -> ttyUSB2
My problem are to meet this goal i must find unique data between different huawei devices (e.g. productID, vendorID, serial). In huawei product this information are the same with all devices.There is only one unique on every huawei devices. That is IMEI value. How can use this value or find this value for udev rules.
what do the following two commands do? Do they modify the iptables rules in any way?
sudo /sbin/iptables -L -n
sudo /sbin/ip6tables -L -n
For some reason, Ubuntu keeps assigning my network interface wrong MAC address. This happens only after fresh boot (I have dual boot with WinXP, if I start Windows first and then restart to Ubuntu without switching computer off, the MAC is correct). Contents of /etc/udev/rules.d/70-persistent-net.rules:
Code:
# PCI device 0x10ec:0x8136 (r8169)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:22:19:ef:1c:3d", ATTR{type}=="1", KERNEL=="eth*", NAME="eth0"
# PCI device 0x168c:0x001c (ath5k_pci)
SUBSYSTEM=="net", ACTION=="add", DRIVERS=="?*", ATTR{address}=="00:17:c4:78:f4:f8", ATTR{type}=="1", KERNEL=="wlan*", NAME="wlan0"
[code]....
EDIT: I made a workaround by adding
Code:
auto eth0
iface eth0 inet dhcp
hwaddress ether 00:f3:f5:ef:fe:56
to /etc/network/interfaces and it works. However, I'd still like to know why Ubuntu ignores my udev rules, regardless whether the workaround happens to work or not...
my ufw rules have been loaded and active yet using iptraf i see tcp connections on ports that were never allowed by ufw. can anyone explain this too me does ufw just not work?
View 6 Replies View RelatedWhen I upgraded to 10.4LT I agreed to something that stopped snort, after days decided to just re-do with new snort version. Used bodhi.zazen's MySql instruction version (which is what I used in the past) Everything went pretty well except for figuring out that I needed to delete all the lib_sfdynamic_preprocessor_example?? files (I also deleted all the lib_sfdynamic_example?? files too just to be safe). Used my original Oinkmaster with updated rules version and downloaded the emerging threats too (as I had in the past) and snort won't run with some of the emerging threat rules because it's lookning for snortsam (fwsam). I read up and snortsam looks like a good idea (if I'm wrong somebody just let me know)
if this seems dumb, but I really don't understand, the snortsam directions are HORRIBLE, the snortsam src looks like a windows file when unpacked with all the .dll files(but they say for all OS's), it builds but you need to copy the binary to /usr/local/bin (what in ubuntu would be a binary?).
the snortsam-patch-2.8.tar.gz won't unpack and the Snort 2.8.6 patch is a file, not a package (have no clue where to put it or what to call it if I got the 2.8.tar.gz to unpack so I could build it)
I have a clean install of Ubuntu server Lucid Lynx with the virt-host task installed. I need to find the location of the iptables rules that are being loaded when the system boots. These are the rules for the virbr0 interface.
View 1 Replies View RelatedHow do I get ufw to refresh firewall rules after accidentally running iptables -F
View 3 Replies View RelatedIn Lucid I have some ufw rules but I figured that I need to limit the ICMP messages that the box responds to and also limit their number. There are iptables rules to accomplish this but since I already have ufw rules it is safe to use iptables only for ICMP rules ?
View 4 Replies View RelatedI recently set up a ftp server in my house running a dyndns service so I can get to it from the outside. I called my isp to get some help in setting up the router to forward port 21 from the outside to that box, and in short we had some problems. Long story short, they ended up bypassing the router itself, and now the line running to the box is its own fixed external ip. Naturally I want a pretty darn good iptables setup for this. The box runs proftpd and so far my iptables only accepts local loopback and port-21. (I left port 80 closed as its only purpose is to be a standalone ftp server) But I know there must be a safer rule for port 21, as right now its just wide open. Anyone have any ideas on how to make this a bit safer? Also would that command be fine for any of the linux machines im connecting to it from the outside too?
View 3 Replies View RelatedRecently I had made some udev rules to communicate with a few devices using USB ports. For some odd reason, they suddenly stopped working. Here are my rules:
Code:
ATTRS{idVendor}=="0403", ATTRS{idProduct}=="6001", SYMLINK="HCS12"
ATTRS{idVendor}=="067b", ATTRS{idProduct}=="2303", SYMLINK="Driver12"
ATTRS{idVendor}=="050d", ATTRS{idProduct}=="0109", SYMLINK="Driver34"
According to the documentation, all that is needed to write proper rules is one match operator (relevant info) and one assignment operator (name of port). I am running kernel 2.6.31-22, so udev rules are valid for use (they require at least 2.6.15). My only guess is to include something that identifies the serial port.
What I am trying to do is edit the link target to force ip=xxxx.xxx.xxx string at end. I have a software program which access 4 different servers running the software but with different configs. In xp I can copy links and modify as above to correctly force the program to the various servers.
I have read the various how tos on hard vs sym links which I get. Playing around with hardlinks and sysmlinks (the examples I find) does not seem to be what I need. Feel like this is pretty basic stuff but I am a bit stumped.
I just installed ufw and made some rules :-
Code: Select all$ sudo ufw enable
$ sudo ufw default deny
$ sudo ufw allow 80,443/tcp
Now this gives the following :-
Code: Select allRule added
Rule added (v6)
Now is there anyway to tell it to NOT add the v6 rules (of course over time v6 will become the new standard and I'll have to upgrade my router and all) but till my ISP doesn't I just want to make it easy for myself.
I could install gufw and just take that rule out but wanted to know if there was a way to do that via CLI .
Explain the following iptable rules for me?
I understand 1 and 2, 1 creates the new syn_flood chain and 2 redirects all SYN requests to the new syn_flood chain.
I'm having trouble understanding 3 and 4. can someone explain to me in laymen terms the --limit 1/s and --limit-burst 3?
Seems like this should be a simple question, but I've looked around and have not found an obvious location to keep custom policy based routing rules in Ubuntu./etc/network/if-up.d comes to mind, but I was wondering is that was a "standard" spot. Also it doesn't seem like these rules really need to run each time an interface is up'ed or down'ed.
View 4 Replies View RelatedHow do you delete ufw rules which you didn't make?
I want to block the FTP ports (20 & 21) but even if I put in DENY rules, it appears that these rules are letting traffic through
Code:
9 400 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:20
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20 state RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 multiport dports 21,20 state RELATED,ESTABLISHED
How do I delete these rules? I've tried.
Code:
sudo ufw delete allow 20
sudo ufw delete proto tcp from any to any 20
but I get "Could not delete non-existent rule".
Since I didn't make those rules I have no idea what OpenBSD's PF syntax (what ufw uses) is for them.
Is it possible to set up a udev rule that will check if a file exists on a USB drive?
I've got a few ubuntu servers in environments with some very not-techy peoples. Im hoping to get to the point where I can give them a few USB sticks with scripts on them, and if they plus one of these sticks in it will be mounted in, say, /media/special (rather than /media/usb0..7) and then the script would be run. But if a usb drive without special.sh is inserted, it should be mounted to /media/usb0..7 as normal.
I've been googeling for udev rules, and it seems simple enough to specify a mount point based on brand/model/serialnumber/etc... but i havent been able to find anything about checking for the existance of a file.
Tho the more i think about it, the more im starting to think its not going to be that straight forward. Can udev check for a file on a drive before that drive is mounted? Is it going to be a case of mounting every drive to /media/usb0..7 then having a script run that will check for the file, and if its there change the mount point before running special.sh?
I can't stand looking at the ugly, off-center, non-themed maximize/minimize/close buttons in the maximized global menu. Is it possible to set a window to maximize *below* the top panel? Or at least to have its set fixed size be its fixed size when not maximized?
Using Compiz window rules I've been able to set a fixed size in some applications (Opera, for example), but whenever I open them, the window automatically opens as maximized. When I un-maximize, it reverts to whatever size it wants, and having to resize my windows all the time is a pain.
