Red Hat / Fedora :: Edit /etc/sysconfig/iptables And Create/delete Rules Inside That File?

Sep 9, 2010

can i actually edit /etc/sysconfig/iptables and create/delete rules inside that file?will it work? i just find using the IPTABLES -A or -D command a hassle

View 3 Replies


ADVERTISEMENT

Ubuntu :: Edit File Inside It, Open It, Edit A File, Then Remake The Bin File?

Mar 3, 2011

I have a linux.img image for ubuntu.I want to edit file inside it, how can open it, edit a file, then remake the bin file?

View 7 Replies View Related

Fedora :: /etc/sysconfig/iptables Changes Missing?

Nov 30, 2009

On Fedora 12 each reboot seem to reset my custom iptables rules I have manually added to/etc/sysconfig/iptables. My change are in /etc/sysconfig/iptables.old so obviously some process is removing them.

View 4 Replies View Related

Ubuntu :: Can't Create File /etc/udev/rules.d/70-android.rules?

Jun 19, 2011

I need to create filename 70-android.rules in the directory /etc/udev/rules.d/I have Adm privileges in my user account properties, but when I use sudo to create this file the Ubuntu OS does not allow me the privilege... I am running Ubuntu 10.04 LTS and here's the Terminal output below:daddy@gatomon-laptop:/etc/udev/rules.d$ sudo cat > 70-android.rulesbash: 70-android.rules: Permission denieddaddy@gatomon-laptop:/etc/udev$ ls -ltotal 8drwxr-xr-x 2 root root 4096 2011-03-16 18:03 rules.d-rw-r--r-- 1 root root 218 2010-04-19 04:30 udev.conf

View 2 Replies View Related

Security :: IPTables Layered Chains - Create Rules For Certain Services Like Xmpp / Web

Jan 16, 2010

I want to simplify some of my rules, so I want to create rules for certain services like xmpp, web, etc. since some of them use multiple ports, and I toggle them on/off a lot. Can I simply put the jump to rule clauses in the Input chain, and once the sub chains run, does it return to the input chain after the jump to rule clause? I want to do this so I don't have a ton of rules in the input chain. I think that if I simply make a list of all the rules to jump to in the input chain, it will work itself through all of them until it finds a matching filter in one of them correct?

View 9 Replies View Related

Fedora :: IPtables Creates An Error During Startup - Applying Firewall Rules: Iptables-restore: Line 21 Failed

Jul 17, 2010

IPtables creates an error during startup as well as when I try to restart it: Here's the output of:

[Code]....

View 11 Replies View Related

Red Hat / Fedora :: Edit A Text File To Delete All Commas In The File?

Jan 4, 2011

i want to find a command line way to edit a text file to delete all commas in the file. i do not want to replace them w/ anything.

View 2 Replies View Related

General :: RHEL 4, /etc/sysconfig/iptables Permission Denied?

Apr 7, 2010

I'm installing Webmin on a older DNS server here at work. Can't connect to port 10000 so I checked the server ports via NMAP, looked like the port is closed. I tried to run /etc/sysconfig/iptables but this returned a "permission denied" message. I'm logged in as root, not sure what I'm missing, maybe I'm running the command incorrectly?

View 4 Replies View Related

Fedora Security :: How Iptables Knows At What Interfaces To Use Rules

May 3, 2009

When I use system-config-firewall, it asks what interfaces to trust. Where does it store that information for iptables (or whatever uses that info)? How iptables knows at what interfaces to use the rules?There is not that kind of information in /etc/sysconf/iptables and iptables-config.

View 2 Replies View Related

Ubuntu Servers :: Setup Iptables Rules In /etc/if-up.d/iptables?

Apr 16, 2011

I am running Ubuntu server 10.10 and trying to setup iptables rules in /etc/if-up.d/iptables

Quote:
root@host# cat /etc/network/if-up.d/iptables
#!/bin/sh -e
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

Problem is that iptables doesn't get updated and I don't see them when iptables -L is executed after reboot.

View 2 Replies View Related

Fedora Networking :: IPtables Rejects Rules Upon First Boot

Jan 25, 2010

I am trying solve a strange problem which ocurred after upgrading many packages including kernel and iptables.This is a Fedora 10 PC acting as a small home-server I've been using over a year without problems. Recently, I've run a yum upgrade and after that, connections outside home wouldn't work. No changes in IPtables (firewall) rules have been done. But connection through local network is working.Symptom is.I've connected to my second PC at home and connected to the server. It works fine on local network. I restart network services (service network restart) and outside connections could be established.I have disabled iptables and ip6tables and after reboots it works fine. But PC is running without firewall.

View 5 Replies View Related

Red Hat / Fedora :: Getting Error While Adding Rules To Iptables / Sort It?

Dec 22, 2010

I am using a kernel of version 2.6.32 . I installed iptables of version 1.4.2 and it got installed successfully.
but while adding some rule to the iptable i faced an error like the following
iptables v1.4.2: Couldn't load target `standard':/usr/local//libexec/xtables/libipt_standard.so: cannot open shared object file: No such file or directory

i basically want to add a rule like the following
iptables -A INPUT -p icmp -j QUEUE

one more thing i would like to add post is tat
i did not find a library called libipt_standard.so in iptables folder(/usr/local/libexec/xtables)
instead i found a library libxt_standard.so

i tried renaming libxt_standard.so to libipt_standard.so
but even then i found the same error.

View 4 Replies View Related

Fedora Networking :: IPtables Passive Ftp Rules Donot Work?

Aug 15, 2011

I'm trying to build a firewall with IPTables: INTERNET <--------> (eth0) FIREWALL (eth1) <------------->FTP_srvI set all rules DROP by default.My rules for forwarding packet to FTP server:

#iptables -t nat -A PREROUTING -i eth1 -d $FIREWALL_EX_ADDR -p tcp --dport 21 -j DNAT --to-destination $FTP_ADDR:21
#iptables -A FORWARD -i eth0 -o eth1 -p tcp --dport 21 -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT

[code]....

View 2 Replies View Related

Fedora :: Missing /etc/sysconfig/network File And Eth0 And Wlan0 Files?

Oct 31, 2010

I just installed Fedora 13 on a new Dell XPS desktop and some of the networking files are not created/missing. The computer has Broadcom Gigabit wired card and Asus PCE-N13 wireless card. When I type lspci, I see that Network conroller: RaLink RT2860 and Ethernet controller: Broadcom BCM57780 Gigabit Ethernet. So, somehow they are being detected by the OS, but I am not sure if the drivers are installed or why some of the network files are missng.

View 1 Replies View Related

Ubuntu :: Create File Inside Htdocs XAMPP Directory

Sep 10, 2010

i'm a new Ubuntu user and starting with programming, i've already installed XAMPP for LINUX at /opt directory and the Eclipse app to code php, java etc.When I try to write or create a file inside htdocs XAMPP directory the Eclipse outputs this message to me:"Parent of resource: /opt/lampp/htdocs/site/includes/include.php is marked as read-only./ opt/ lampp/ htdocs/site/includes/include.php (Permission denied)"Whats the matter with this possible error?

View 7 Replies View Related

CentOS 5 :: Unable To Edit/delete File - Operation Not Permitted

Mar 31, 2011

I'm having a problem where I'm unable to delete a file, even as root. Any attempts to remove or otherwise modify the file result in 'Operation not permitted'.

# rm d91c6a6e_2a2d7_out.xml
rm: remove regular file `d91c6a6e_2a2d7_out.xml'? y
rm: cannot remove `d91c6a6e_2a2d7_out.xml': Operation not permitted

View 3 Replies View Related

Fedora :: Allow User To Save/edit/delete Documents In A Folder But Not Delete That Folder?

Sep 6, 2011

Recently I setup a system for a non-technical user. He is only using Firefox, Pidgin and OpenOffice for about 2 hours a day. I have created a folder "/home/jim/myFiles" where he can save his document files. But Jim has accidentally deleted his myFiles folder on 2 occasions. He had intended to delete a file in that folder. Is there a way to lock the folder so that the user and create/read/write documents in that folder but not delete the folder itself?

View 14 Replies View Related

General :: Create _ Edit And View A File In System?

Oct 5, 2009

How to I open, create, edit, or view a file in Linux?

View 5 Replies View Related

Ubuntu :: Edit Before.rules In Ufw

Sep 26, 2010

I'm running into a problem with ufw when enabled and need to edit before.rules but i simply do not know how to safely do so. This is a known issue [URL] The problem for me is;i issue the command sudo vi /etc/ufw/before.rules and i get there,i use the arrow keys to get to this part to replace "-m conntrack --ctstate" to "-m state --state" and i do not know how to execute this safely.I am using enter keys,delete keys and.

View 3 Replies View Related

Networking :: Can't APPLY Iptables Rules

May 22, 2011

I added a few rules to my /etc/iptables.rules file and then used sudo iptables-restore < /etc/iptables.rules but i got an error saying "iptables-restore: line 29 failed".But the only word on that line.

View 1 Replies View Related

Security :: Programming Iptables Rules For 1:1 NAT?

Sep 16, 2010

I am trying to program iptable rules for implementing a 1:1 NAT which does the following:

1. Forward all traffic from all ports on a public ip to a private ip
2. Forward traffic from a range of ports (x-->y) on a public ip, to a private ip

I did some google searches for the same, and came up with the following.

iptables -A FORWARD -t filter -o eth0 -m state
state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -t filter -i eth0 -m state
state ESTABLISHED,RELATED -j ACCEPT

View 15 Replies View Related

Security :: What Are Strong Iptables Rules?

Mar 31, 2011

Can someone please let me know strong iptables rules? Below entries are in iptables file.Here Y.Y.Y.Y is another branch public IP.This server acts as gateway+squid server.Further it will serve company's intranet page also using httpd.OS is CentOS 5.0.

View 1 Replies View Related

Security :: Setting Iptables Rules

Jan 27, 2011

I am setting my firewall rules using the command iptables.My question is i wanna know what command i can use that list rule 2 and 3 for instance in my table?i want to create rule that: The host is administered using SSH, scp and sftp so allow incoming SSH traffic and securing remote file copying and transferring.

View 2 Replies View Related

Ubuntu Security :: Modify The Iptables Rules In Any Way?

Jul 9, 2011

what do the following two commands do? Do they modify the iptables rules in any way?

sudo /sbin/iptables -L -n
sudo /sbin/ip6tables -L -n

View 5 Replies View Related

Networking :: Verifying Iptables Rules For Security?

Mar 10, 2011

I need with some iptables rules. I've done all I can, Googling all over, to cover as many exploits as possible and the following script is what I've come up with. The current set up works and I've checked with NMAP. I just need some sort of confirmation that this is pretty much what I can do.

Code:

LAN="eth0 eth1"
RANGE=10.1.0.0/17
WAN=eth2
# Delete all existing rules

[code]....

Also, if I wanted a broadcast to be relayed to all subnets within a defined range, how would such a iptables rule look like? I need this in order to find a networked Canon MP640 printer.

View 1 Replies View Related

Networking :: Firewall Installed Using IPtables - NAT Rules?

Apr 7, 2010

I just install 1 firewall using Iptables.
Firewall includes 2 NIC:
NIC1 <IP PUBLIC>
NIC2 192.168.10.1
I installed 1 web server IP: 192.168.10.2
I have some PC IP range: 192.168.10.10->20

I set rules NAT on firewall and PC & web server can connect internet good, but I have problems:
When PC access to web server with IP 192.168.10.2 that ok, but PC can't access to web server when using IP Public. But outside internet, I can access to web server using IP Public.

Rules on IPTables
Code:
# Generated by iptables-save v1.3.5 on Sun Mar 7 21:01:16 2010
*nat
:PREROUTING ACCEPT [950:126970]
:POSTROUTING ACCEPT [89:5880]
:OUTPUT ACCEPT [19:1342]
-A PREROUTING -d 209.99.242.124 -i eth0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.10.2:80
-A POSTROUTING -s 192.168.10.0/24 -o eth0 -j SNAT --to-source 209.99.242.124
*filter
:INPUT DROP [1599:157409]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [232:34452]
-A FORWARD -i eth0 -o eth1 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i eth1 -o eth0 -j ACCEPT
-A FORWARD -i eth0 -o eth1 -d 192.168.10.2 -p tcp --dport 80 -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -i eth1 -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -o eth1 -j ACCEPT
COMMIT

View 2 Replies View Related

Security :: IPTables Rules And Output Filters

Aug 25, 2010

I put together the following filter set :
Code:
#!/bin/sh
#To understand this script, reference the No Starch Press Linux Firewalls Book.

MODPROBE=/sbin/modprobe
IPT=/sbin/iptables
IPTSV=/sbin/iptables-save
IPT6=/sbin/ip6tables
IPT6SV=/sbin/ip6tables-save

### flush / drop policy sets
echo "[+] Flushing existing rules with DEFAULT of DROP [+]"
echo "[+] IPv4 [+]"
$IPT -F
$IPT -F -t nat
$IPT -X
$IPT -P INPUT DROP
$IPT -P OUTPUT DROP
$IPT -P FORWARD DROP

echo "[+] IPv6 [+]"
$IPT6 -F
$IPT6 -F -t nat
$IPT6 -X
$IPT6 -P INPUT DROP
$IPT6 -P OUTPUT DROP
$IPT6 -P FORWARD DROP .....
###OUTPUT rules: LOG rule
$IPT -A OUTPUT -o ! lo -j LOG --log-prefix "DROPED OUTBOUND" --log-ip-options --log-tcp-options

I wanted to know how to allow certain applications through the outbound tables. For example, I wish to be able to use tools such as nmap,tracepath, and traceroute. However, I am not sure where to look to understand the ports to open. I was starting to think that maybe rather than ports to open it would need to be somehthing like tcp flags that would ned to be allowed. Any way, I have tried google and am still haing problems. I started wanting to use these tools due to getting ready for my network+ and security+ certs.

View 2 Replies View Related

Security :: IPTABLES Apply Certain Rules To Certain Mac Addresses

Jul 11, 2010

so the firewall rules I am currently using are displayed below.

Code:

# DROP ALL FORWARDED PACKETS
iptables -P FORWARD DROP # DROP ALL PACKETS
# ALLOW DHCP THROUGH THE FIREWALL

[code]....

View 6 Replies View Related

Security :: IPTABLES Auto Expire Rules

Jul 19, 2010

I have been trying to figure out how to makes rules in iptables that expire after a certain amount of time. From what I have found online you want to use the recent module with --rcheck and --seconds. I have found a few examples and have given them a shot but I can't seem to get it right. Would anyone mind posting an example of a rule that will auto expire?

View 3 Replies View Related

Security :: IPTABLES Rules Using Ipt_mac Module?

Feb 20, 2010

I've configured squid proxy server in a P4 desktop. I've 50 users in my network. I installed RHEL 4.4 (2.6.9-42 kernel) and the iptables version is 1.2.11-3.1. I've 2 NICs installed in the system. eth0 (192.168.100.99) for local lan and eth1 (192.168.1.2) for outgoing to internet. I've connected DSL broadband modem to eth1 (default ip of DSL modem is 192.168.1.1). All the clients except few has been forced to go through squid by user authentication to access internet. Those clients which were kept away from proxy are 192.168.100.253, 192.168.100.97, 192.168.100.95 and 192.168.100.165. Everything works fine but from last week I observed that one of some notorious user use the direct IPs (192.168.100.97 or 192.168.100.95) in the absense of the owner of these IPs to gain access to internet as we applied download/upload restrictions in squid.

I want to filter the packets of source hosts using MAC address in PREROUTING chain. I read somewhere that IPT_MAC module must be installed to make this happen. So that those notorious users can not change their ips to gain direct access to internet.

Below are the contents of my iptables file (I've ommited few entries for safty purpose).

# Generated by iptables-save v1.2.11 on Wed Nov 25 16:35:57 2009
*filter
:INPUT ACCEPT [14274:3846787]
:FORWARD ACCEPT [4460:1241297]
:OUTPUT ACCEPT [16825:4872475]
code....

View 9 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved