I run ubuntu on home pc and am very happy with it. I use internet to surf and to see my email on gmail.com etc. What commands should I give to setup ufw firewall so that only this much is allowed? Also, where can I see if some other connections have been blocked?
View 9 RepliesI am trying to use Bittornado with iptables via Firestarter. Previously, I had no problems, but now I have started using Firestarter, traffic is blocked. AIUI, after selecting the .torrent file, the client (me) connects to the tracker. In Firestarter, I see that my IP is trying to connect to various ports, all of which are blocked.I assumed the problem was that because Firestarter has a restrictive outbound traffic policy, that I needed to add Bittornado to it. So in Bittornado, I selected the acceptable ports as 10000-10010 (randomized), and then in Firestarter for the outbound policy I allowed those same ports.The inbound traffic policy has no rules. All traffic is permitted and I have a direct connection to the Internet (no NAT). I do not understand why, if I have selected the permissible outbound ports in Firestarter, and also selected those same ports in Bittornado, why connections between my IP and the tracker are blocked?
View 2 Replies View RelatedIf I use my current iptables firewall settings my php includes from my own site get blocked by the firewall. If I use accept all tcp and udp it still does not work. If I use a default policy of accept all, then the php includes work which is not safe. I am running a drupal 6 site on a centos 5.3 vps with apache 2.2.0 and php 5.2.6 w/ safe mode on. He is my current iptable configuration.
Quote:
Chain VZ_FORWARD (1 references)
target prot opt source destination
Chain VZ_INPUT (1 references)
target prot opt source destination
[code]....
(centos 5.5 86*64 with cpanel) I am trying to set up a php script.
The script requires an outbound connection to project honeypot and when I go to the honeypot.php on my server I get an error asking if outbound connections are disabled.
They could be...I am not sure where to check, I have checked csf and outbound tcp is allowed on port 80, but I am not sure if I should be looking somewhere else.
Obviously I dont want to make the server insecure, so I am wondering how I can allow this outbound connection.
The firewall in Fedora 12 seems to block UPnP by default, but opening port 1900 for UDP, as I have seen suggestedes not resolve the problem.have the following three scenarios:Firewall Enabled: Transmission cannot open a port by UPnPFirewall Enabled (1900 UDP allowed): Transmission cannot open a port by UPnPFirewall Disabled: Transmission opens a port via UPnP fineAny ideas? Yes, the port that I'm trying to open is also allowed. Router is a Linksys BEFSR41 v4.3, should you care
View 6 Replies View Relatedi have a server running vsftpd, and when i connect to it from the server itself using my externel ip address, everything checks ok, and i can browse files. but when i try to do the same on a windows computer on my network, this is what happens: [my externel ip is blocked out with x]
[Code]....
now mind you, my linux server is running from port forwarding from my router, which is connected to the main computer, and i have ssh and squid running as well. not sure if those two have any affect on the service. i think this is a problem with the firewall, because i have read somewhere that multiple ports need to be open for a passive ftp to work.
I setup Mediatomb on another box in my house to connect to with XBMC. XBMC will only connect though if the firewall is off on the local machine. I have both TCP and UCP ports 1900 and 50500 (the port for Mediatomb) enabled on my laptop (local) and the correct ports are open on the remote machine (my wife's vista laptop will connect through XBMC). I can connect to Mediatomb through it's web interface (to set visible folders/files) but not through UPnP (at least not through XBMC)
View 9 Replies View RelatedSmall server running 5.3 - stock postfix configured to use Maildir. Dovecot configured but both pop and imap ports blocked by firewall. Access to mail is via Squirrelmail via https. Configured to virus scan via ClamAV. Works just fine. Now I want to add procmail filtering. So I create these two files - ~/.forward and ~/.procmailrc in my user home dir: "|exec /usr/bin/procmail -f- || exit 75 #mpeters"
View 1 Replies View RelatedI am learning to setup firewall in my home for that i have selected four system(sys1,sys2....sys4) for testing .I have configured sys2 to act as a firewall with two NIC. sys3 and sys4 are inside the firewall . sys1 is not connected to firewall for testing purpose.
the IP assignments are follows :
sys1 : ( fedora, not connected to firewall i am thinking, But i am not sure )
IP : 192.168.2.1 ,
gateway : blank
dns1 : blank
dns2 : blank
sys2 firewall ,IPTABLES )
code....
what happened is that sys1(not connected to firewall) can ssh to sys4(connected,inside firewall),since the rules are written not to ssh form sys1 to sys4..
then I came to know whatever the request I give, It directly goes as sys1 --> sys4. Not as sys1-----> sys2(firewall)---> sys4 .and the firewall is not filtering and processing anything for both inbound and outbound (i think it's my mistake some where). the requests are directly going inside without firewall.
I am using pidgin messenger. Its not connecting properly as our Internet is blocked by a firewall. Can we do something so that it works properly
View 5 Replies View RelatedI have noticed interesting problem. I use two browsers - Firefox and Konqueror. Konqueror is configured to use tor, Firefox not. Using Gufw I block all incoming and outgoing traffic and it works while using Firefox, I mean that I can't view any www site and it is ok. But if I use Konqueror I can establish any conection. How to understand this? Should I have different firewall while using tor?
View 5 Replies View RelatedI know that GNU/Linux does not need a firewall (due to iptables), but I would like a basic firewall that would watch incoming and outgoing connections. I would prefer it to have a try icon and be able to run as a regular user, such that I can add it to my .fluxbox/startup file. Anyone know of any good ones? They don't actually have to interface into iptables (because I would do that myself), but if they do it would be a bonus.
View 4 Replies View RelatedI was using Transmission BitTorrent the other night, when I noticed that I was getting heavily spammed by one particular IP. I then stopped the torrents and disabled the network.I wanted to add my own block-list, containing this IP, to $HOME/.config/transmission/blocklists, but could not get it working. Transmission is supposed to parse this text file into binary format upon startup. I tried both allowed formats, but Transmission kept on creating an empty binary file (this was version 1.93 in the official repo, I have since upgraded to 2.33 by adding a PPA, and it now works correctly).
I then blocked this IP in the firewall outbound traffic policy, allowing Transmission, on the port number that I forwarded on the router, on the inbound policy. After a restart, I watched the torrents picking up speed as more peers connected, and then saw this IP getting blocked. However, the same IP immediately also appeared as a peer in one of my torrents.I then double checked all settings and log files, to ensure that there is no typo. The same IP that was shown as blocked in the log files, also successfully made a connection to Transmission. After a while I gave up, and shut down.The IP was an incoming connection, but was explicitly nominated to be blocked in outgoing traffic. The firewall was supposed to silently ignore this IP, not making a connection possible.
ICMP filtering was enabled, with the following not allowed:
- Address Masking
- Redirection
- Source Quenching
Now surely this is not normal?Is this a bug in ip-tables?Isn't this a serious security breach?
I want to write a custom rule to allow all connections to the ip addresses on my local network (192.168.2.2 through ...99) but I don't know how. I know adding a custom rule asks me to read a file and put it in "iptables" format, but I don't know how...
View 5 Replies View RelatedI am still new to ubuntu and I use firestarter as my firewall tool and I was told that its just ufw in a gui. Well anyways I noticed a connection to 174.129.241.144 using https and python, I didn't have any scripts running and my browser was closed, I read the man files for ufw and it said to do something like deny from 174.129.0.0/12 and I want to block all incoming and outgoing connections to this IP range and I was wondering how to do that, I heard of iptables that it would be able to do this but I dont know anything about it. What I should learn so I can handle these kinds of situation in the future and how I can block this ip subnet or also what does the /8, /12, and /16 stand for?
View 7 Replies View RelatedI have problem on VPS running opensuse. When I enable firewall outbound connections stop working. I have tried everything I know (not much when it comes to firewall (iptables)) but could not solve this.
Here is my ifconfig:
Code:
I used xxx.xxx.xxx.xxx to hide real address.
I am a Linux newbie so please bear with me if I sound stupid. I was checking out how to set up a firewall for my system and landed on this webpage: [URL]. But I am so confused with how this ufw application works. What I understand is that once I set it to "default deny" it prevents unauthorized incoming connection but what does it mean when the author says to add exceptions for services I need? When do I need to do that? Also what's an SSH server?
View 2 Replies View RelatedI need to setup a xdmcp server on ubuntu 10.10 to allow for remote connections. Obviously this cant be done from the login window as with previous versions of Ubuntu.
View 3 Replies View RelatedI want to setup a router with firewall on ubuntu box that will connect windows pcs one serving as outside source and one serving as inside target.
View 2 Replies View RelatedDoes a firewall exist, that shows "whois" info for ALL new connections that are attempted? Or even better, "smartwhois" info?New connections meaning, connections to IP blocks never connected to before. So you go to a site that belongs to owner A, and if an attempt is covertly made to connect to another site that belongs to owner B, an alert is shown and you choose if you trust this owner.
View 14 Replies View Relatedhave a problem with my network-manager in ubuntu 10.10.when I dial one of my vpn connections, my other vpn connections be disabled and I can't use them!I tried to restart network-manager and gnome-panel, but it does't seem to solve this problem.
View 1 Replies View RelatedMy server SUSE 10.2. I am already working with one pppoe connection, I need to configure the second on the same server? How I do this? This forum has no such message....
View 3 Replies View RelatedMy server SUSE 10.2. I am already working with one pppoe connection, I need to configure the second on the same server? How I do this?
View 2 Replies View RelatedAfter editing my network connections gateway setup as 192.168.1.1 I get back 0.0.0.0 after I run nm-tool. I'm using Ubuntu ver 9.04 setup on my VMware server.
View 1 Replies View RelatedI got Shorewall firewall all Set-up perfect but I'm stuck at 1 last bit. The aim is to let on 2 clients max onto my server. I have the policy setup in webmin as.
Uploaded with ImageShack.us
More than 2 clients can get onto the server. The aim is to have it as a ddos protection allowing 100 clients on and a max burst of 10 clients at a time.
how can i setup a firewall in my system
View 3 Replies View RelatedUp until recently, as in a few days ago, I was using Ubuntu and had ufw managing the firewall.It's been "recommended" that iptables itself be used. Where do I do the rules go (as in a file) and how do I call those rules at startup?
View 6 Replies View RelatedHow do i set up my firewall to allow traffic from iperf?
View 6 Replies View RelatedI'm an it student and a newbie in linux OS.
We have this final project that we have to set-up
a firewall in a linux redhat OS which i totally have no idea ..
i did some research but haven't found the right one.
I am running squeeze 6 on amd64 i like to know if there is guide how to setup a good firewall for dummies like me
View 7 Replies View Related