Fedora Security :: Iptables File Syntax?

Dec 19, 2009

Wondering if anyone knows what the range specification is meant to do for the :CHAIN at the top of the iptables file? e.g. what does the 1:76 range mean for :OUTPUT ACCEPT [1:76] ?

# Generated by iptables-save v1.4.1.1 on Sat Dec 19 12:28:00 2009


General :: Can't Open File/abcd/configFiles/vim/syntax/syntax.vim?

Mar 7, 2011

Whenever I open vim, I get the following error:

E484: Can't open file/abcd/configFiles/vim/syntax/syntax.vim

There was a .vimrc file in my home folder that I have removed.

Still I keep getting the same error. Presently in my home folder there is no .gvimrc or .vimrc file.

But still I keep getting the same error. I am not too sure where this file is mentioned.

Background info: The SHELL has been changed from tcsh to bash. Earlier I had created a .vimrc file in tcsh; I have removed the .vimrc in bash SHELL.

Ubuntu Security :: Iptables: MAC Filtering With A File?

Jul 2, 2011

I'm wanting to use mac filtering to restrict access to certain machines. I already know that I can just add MACs line by line, but is there a way to specify a list of MACs? That way it would be much simpler to maintain a list of acceptable/unacceptable hosts.

I'm not going to rely only on this list because of spoofing, but it would be nice as another "layer" of protection.

Ubuntu Security :: Failing On The First Command When Run Iptables-restore < File Location

May 4, 2010

I'm setting up a server with Jaunty Jackalope version. I'm trying to test setting up a basic iptables rules... No matter which command I put in, it is failing on the first command when I run iptables-restore < file location (the first rule always fails). I'm doing this on the root user and first typing in the iptables rules in a test file. I've tried the first command starting with % sudo, iptables and -A. All have the same result. I've also tried letting the HTTP rule be first with the same result.


Fedora Security :: Allow DNS In Iptables

Feb 1, 2009

I have been struggling with this for a very long time now. I have installed Fedora Core 9 on my computer. I have set it up as a caching-nameserver and this is working.

Then I wanted to secure my server with iptables, and I have so far made this script:

# Load the connection tracker kernel module
modprobe ip_conntrack
iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP


I can reach the dns server with ping. When trying Nslookup it says that it got SERVFAIL from trying next server, and then it times out.

My resolv.conf file lists:

nameserver DNS-server

Fedora Security :: Can't Get FTP Through Iptables

Dec 14, 2009

I'm pulling my hair out trying to get ftp to work through iptables. I'm using vsftpd.

Table: filter
Chain INPUT (policy DROP)
num target prot opt source destination
1 ACCEPT all --


Fedora Security :: Iptables - Block Everything From Getting In My Pc

Mar 17, 2009

What I wanted to do was block everything from getting in my pc but still be able to surf the web and still use instant messenger.

General :: Transparent Squid - Iptables Syntax And Unable To Use Outlook To Access SMTP And POP3

Feb 10, 2011

I've set up Ubuntu 9.04 (desktop) at home in a lab environment (workgroup rather than domain) and have configured Squid. Everything works fine but, when I took it to the next level and made the proxy transparent, my problems began. I can still access sites (having pointed the XP Pro client to the squid box as the DG) and the sites are logged in /var/log/squid/access.log but I am unable to use Outlook to access my SMTP and POP3. I guess that the setup is blocking ports 25 and 110 and I'll need to configure iptables to forward packets destined for these ports directly to the "real" DG, rather than the Squid box. Here's the set up:

A single NIC (eth0) on / 16 (static)
ADSL router ("real" DG) on

I executed iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 3128

My squid.conf:

acl all src all
acl manager proto cache_object
acl localhost src
acl to_localhost dst
acl localnet src RFC1918 possible internal network
acl localnet src RFC1918 possible internal network
acl mynet src

Fedora :: Doubt In Syntax Of A Generic Make File?

Sep 15, 2010

I was learning to write a make file. I could understand most of it, of course, with a few exceptions: I didn't understand what the commands below do (red font). I would like to understand what that syntax represents rather than mugging up without knowing what it means.

$(OBJECTS) :%.o :%.c
$(CC) -c $(CFLAGS) $(INCLUDES) $< -o $@


rm -f *.o $(TARGET) core

Fedora Security :: How Iptables Knows At What Interfaces To Use Rules

May 3, 2009

When I use system-config-firewall, it asks what interfaces to trust. Where does it store that information for iptables (or whatever uses that info)? How does iptables know at what interfaces to use the rules? There is not that kind of information in /etc/sysconf/iptables and iptables-config.

Fedora Security :: Iptables Allowing Specific Ip's?

Dec 8, 2009

I've got a few questions about iptables. I know how to set up iptables to only allow from an IP address or a subnet of IP addresses. The question is, how do I allow from 2 different networks? Would I need to create 2 lines of entry in iptables to the same port? e.g.: allow and on port 22. Is there a way to put all that in 1 line or would I need to create two rules for the port? I know I can use the ssh allow or deny but I'd like to stop access even before it gets to the ssh. Stop it at the source kinda thing.

Fedora Security :: Iptables Non-standard Broken?

Jan 28, 2010

I found a behavior of iptables on FC12 to be different and suspect it's broken somehow. Here is what I did

# iptables -F
# iptables -A INPUT -s -p tcp --dport 22 -j ACCEPT

I don't have a shell on FC12 with me to show the output of iptables -L -n but it looks good after above 2 commands. However, after issuing the following third command iptables -L -n gives "wrong" result

# iptables -R INPUT 1 -s -p tcp --dport 22 -j ACCEPT

Namely iptables -L -n gives extra "/0" after in the output. I have checked on Ubuntu 9.10 and CentOS 5.4 and they don't give extra "/0"; iptables is not supposed to do that. Of course, I didn't invent these examples but they are abstracted from an actual real life scenario of trying to build rules on our servers.

Fedora Security :: Iptables To Deny All Except Localhost?

May 15, 2011

I was hoping that someone in here could possibly help me out with my iptables rule set. First, here is what I would like iptables to do: I want iptables to deny all packets or traffic from the outside coming in, and for output allow the things I need like web and irc etc... Also, I would like iptables to deny access to all services like sendmail and ssh, except I would like localhost to have access to everything. What I mean by localhost is that when I run my iptables script it loads fine, except when I try ssh from localhost I get this output:

ssh -l user localhost
ssh_exchange_identification: Connection closed by remote host

I know what most of you are thinking, why do I need to ssh into localhost from localhost, just open another terminal. Well, I am getting myself familiar with iptables; I want all services logged and blocked but not from localhost. I can't seem to figure out this problem and I have tried several different things. Here is my iptables script, I am hoping that someone out there can tell me what I am doing wrong...

iptables -v -F;
iptables -v -A INPUT -i lo -j ACCEPT;


Fedora :: Emacs: Set Syntax Highlighting For Unknown File Type

Mar 20, 2010

How can I tell emacs that a file type that it doesn't recognise should have the same syntax highlighting as one it does?

Xfig produces .pstex files which I want to be highlighted like .ps/.eps

Fedora Security :: Iptables Don't Suffices And Need A Cisco Product

Feb 10, 2010

I am learning security and firewalling. I want to know where a Linux firewall is sufficient and where it is not sufficient. If you can explain why or give a reference I will be glad. Is that a security or traffic handling problem? When should I select a Cisco product, in terms of traffic and security? Do you have any good alternative recommendation to Cisco?

Fedora Security :: Add A Rule In Iptables On Squid Server?

Mar 4, 2011

I am using squid on my Fedora box as a proxy server. By default the iptables (Firewall) service is on. To allow web pages to my client machines I stop the iptables service.

#service iptables stop

By doing it, client computers start browsing. Kindly, how can I add a rule so that the client computers work fine without stopping the firewall? My server IP address is

Fedora Security :: Iptables Masquerade, Can Ping But No Http Access?

Dec 13, 2009

I've got two routers, and, which are joined by a Linux box with interfaces eth0 ( and ra0 ( I've got masquerading for ra0, and a route to on's router. I CAN ping hosts on from just fine, but I CANNOT access web pages. Strangely, If I enable masquerading on eth0, and add a route to router to, I can ping AND access web pages from is my current iptables



Security :: Iptables 1.4.1 Mac Module Doesn't Work (error Message) - Fedora Core 8

Nov 25, 2010

I use iptables firewall (v1.4.1) installed on FC8. I'm trying to limit the inflow traffic for the port 1723 to certain MAC addresses. To experiment with the mac option, I've written the following iptables rule:


iptables -A INPUT -m -mac --mac-source 10:08:08:08:08:10 -j ACCEPT

It didn't work. It gave me this error message:


iptables v1.4.1: Couldn't load match `-mac':/usr/local/libexec/xtables/libipt_-mac.so: cannot open shared object file: No such file or directory

Try `iptables -h' or 'iptables --help' for more information.

Does that mean the mac module wasn't installed/enabled?

Fedora Security :: FC11 Is Set By Default To Reset The IPTables Firewall To ACCEPT Across The Board Each Restart?

Jul 16, 2009

How come FC11 is set by default to reset the IPTables firewall to ACCEPT across the board each restart?

Security :: /etc/sudoers Syntax With %groupname?

Feb 1, 2010

My goal: I want to give users in the group "rtkprd" the ability to elevate their privileges and run a restricted shell script by using sudo. The full path to the shell script is /usr/local/bin/only_rtkprd.sh
The syntax of /etc/sudoers is giving me fits, so I've reduced my sudoers to a single log directive and a single line to enable the rtkprd group.

Defaults logfile=/var/log/sudo
%rtkprd ALL = (rtkprd) /usr/local/bin/only_rtkprd.sh


Ubuntu Security :: GRsync --Exclude Command Syntax / Backup A Whole Startup Disk To Another?

Jul 19, 2010

I'm trying to back up a whole startup disk to another with GRSYNC but I don't need some files or directories. For example, I don't want to back up my 'swapfile1' (I do not have a dedicated swap partition) or the 'media' directory in order to not enter a looping sync. I've searched the web for the correct syntax of the --exclude command but none have worked if applied in the advanced option "before" rsync starts. These are a sample of NOT working syntaxes:

exclude /media or -- exclude 'media' or -- exclude "media"

same for swapfile1:

exclude swapfile1 or -- exclude 'swapfile1' or -- exclude "swapfile1"

Fedora Servers :: Unable To Restore My Iptables From Iptables-save After Upgrading

Nov 26, 2010

I am unable to restore my iptables from iptables-save after upgrading Fedora. I cannot get iptables-restore to work, and I have resorted to entering rules manually using the GUI.

Red Hat / Fedora :: Edit /etc/sysconfig/iptables And Create/delete Rules Inside That File?

Sep 9, 2010

Can I actually edit /etc/sysconfig/iptables and create/delete rules inside that file? Will it work? I just find using the IPTABLES -A or -D command a hassle.

Fedora :: IPtables Creates An Error During Startup - Applying Firewall Rules: Iptables-restore: Line 21 Failed

Jul 17, 2010

IPtables creates an error during startup as well as when I try to restart it: Here's the output of:


Programming :: Validate XML File For Its Syntax?

Jan 25, 2011

I have an XML file, I want to verify the file for its syntax,

General :: Send A File Using The Sftp Syntax

Mar 24, 2011

I understand how to get a file from another computer using the sftp syntax.

So I can get the file abc from comp2 to comp1.

But how can I send a file cba from comp1 to comp2 using sftp (I am still using comp1)?

General :: Sudoers File: Syntax Error?

Jul 11, 2010

Recently I edited the sudoers file and made a typing error. Now I can neither do sudo nor change it.

sudo visudo -c
>>> sudoers file: syntax error, line 8 <<<
How can I correct the sudoers file?

Security :: Can't Zero Out Counters In Iptables

Feb 25, 2010

I have a problem with iptables, when I execute


Security :: Configure IPtables To Only Allow VNC Over SSH

Apr 4, 2010

I am trying to figure out how I can configure IPtables to only allow VNC traffic to an internal server over SSH.

My configuration is WAN < --- > Gateway (Ubuntu 9.10 Server) < --- > Internal Server (that I want to control with VNC over SSH)

Security :: How To Keep Safe PC Using Iptables

Dec 5, 2010

I am using Fedora on my desktop PC. I want to know how I can protect my PC from the outside world. What firewall policy should I implement in iptables to keep it more secure?

