Ubuntu Servers :: SSH Behind NAT Blocking IP Using UFW?
Mar 18, 2011
I have a SSH server on Ubuntu 10.04 running behind a NAT. I have done the port-forwarding at the router. However, say for example I want to restrict people connecting to the SSH server by country IPs. When I configure ufw with the following rule it still lets the IPs that are restricted through. Any idea why?
sudo ufw allow from xxx.xxx.xxx.xxx/24 to any port 2556
So first off, it probably seems this question has been asked thousands of times before, but I did do a search, mostly archived posts that ended up being something other than a true ip blocking of the port. [URL]..
So my port 80 is truly blocked. I've tried setting up the port forwarding on my router, I've tried manually allowing all traffic on port 80 through ip tables. I've even dabbled with setting up something like openDNS to see So far nothing, I'm only available on my local network.
There has to be some way to do a redirect though. even something as simple as an htaccess file redirecting [URL].. xxxx (the space is there to avoid my url being interrupted by a smiley
I have Ubuntu Server (x64) installed on my box with Apache2 and Squid. For a while port 80 (http) was fine, I could update packages and use wget. Then one random day port 80 became blocked for incoming traffic. I couldn't use apt-get and had to change to an ftp mirror to update. Also wget is not working.
I have a home server that I built recently and I have been looking into things I can make it do, and one idea that came up was software to manage incoming calls. The main thing I want is something that can block numbers, but it would also be nice if it could record calls or broadcast the caller id over my wireless network somehow. I've tried Googling around, but I really didn't find much.
My IP has been blocked by Composite Blocking List for " IP Address 207 is listed in the CBL. It appears to be infected with a spam sending trojan or proxy. It was last detected at 2011-01-02 11:00 GMT (+/- 30 minutes), approximately 1 days, 3 hours, 29 minutes ago. It has been relisted following a previous removal at 2010-12-30 17:15 GMT (3 days, 21 hours, 2 minutes ago)"
How do I find this "trojan" and remove it???? I have a network of 6 computers right now, 5 are running Ubuntu (3 server and 2 Desktop versions) and one windows computer. I have run a virus scan in the windows computer and found nothing. How can I scan a linux computer for a virus?
I have a device that is working on modbus protocol and I have written a small program (with block TCP read method) to read its registers via modbus protocol. My program is working very well, except those times that I unplug the Ethernet cable or turn off the modbus gateway during the program's work. At this time my program stops on the recv system call (if it reaches this system call exactly when I unplug the Ethernet cable or turn off the modbus gateway during the program's work). I changed my source to work in nonblock TCP method; at this time, with the same situation, my program does not stop/block on the recv system call, but after plugging back the Ethernet cable or resuming the connectivity it reads data incorrectly. This is my code:
My ISP (Cox) is blocking port 80 and I would like to know if there is a way to open it again. I am to taking about 8080, 8000 or 81 I want to use 80 so I can host my website and every one can access it without the need to put [url]:[PORT] at the URL
I'm trying to install libbz2-dev on my laptop. I'm running Kubuntu 10.04. Some packages could not be installed. This may mean that you have requested an impossible situation or if you are using the unstable distribution that some required packages have not yet been created or been moved out of Incoming.
I am trying to backup my system with a script I found here. It gives me an error message of invalid blocking factor for --exclude=lost+found. I have no idea what this means. I tried to search this forum for that message and received no hits.
After reading a lot about networking and security I decided to check the security of my own ubuntu box. So I went installing Nmap and discovered that port 139 was "open". Since I'd read how to use ufw I created a deny rule for port 139. After a second scan with Nmap it still said that port 139 was open as shown below.
I'm trying to use VNC on my headless desktop server that's running lucid, but I can only use SSH because a pop asking me to unlock the keyring shows up every time I try to use VNC. I don't have a monitor for that desktop, so I was wondering, is there any way to remove the keyring/to automatically unlock it during autologin? I don't remember what a site I found it on, but I used this to remove my keyring yesterday. It's no longer working today.
I need assistance blocking applications in Ubuntu 10.04. Block all applications for certain users if they do not exist in a certain directory. For example, we would like to prevent users from launching a portable copy of Firefox from a portable HDD or Flash drive.
I'm having a bit of a problem with Firestarter. I have Transmission opened and I am downloading a movie, but when I check Firestarter I see hundreds and hundreds of IPs that are blocked, and like 10 IPs every second that get blocked.
I might be misunderstanding the log but it looks like UFW is blocking connections. I want to allow all incoming and outgoing. I guess what I'm saying is that the servers on my computer will open ports but all other ports should respond with closed just like a default Ubuntu install. Trying to use UFW to monitor connections without really doing any firewalling.
I've been able to run *.*msi files in the past through WINE. Apparently the latest version of Ubuntu is blocking the action of launching my *.*msi file. Any way of unblocking this? BTW, the app I'm trying to install is Steam.exe.
I updated my system with system updates and when I restarted, I couldn't access the internet from my desktop. I got on laptop, internet worked just fine. I disabled firestarter and mozilla connected to the internet just fine. I turned firestarter on and I couldn't reach anything. What do I have to do to get firestarter to allow me to connect to the internet via firefox?
I am looking for a way to automatically block an ip address and add it to /etc/hosts.deny when they have 3 consecutive password failures or try connecting to a name that doesn't exist more than like twice to help limit the brute force attacks I am experiencing. Is there an easy way to do this already implemented in Ubuntu?
I've been using Deny Hosts for a couple of years now without trouble. My router forwards SSH calls to host tock on my LAN. My router's internet hostname is michigan. I keep an svn repository on tock and access it through michigan. In this way I can update my repository when I'm at home or away. Just today, however, whenever I try any ssh to michigan, I get a closed connection and find michigan in my hosts.deny file. I delete it, make a successful connection, but then on my next attempt - there I am in the hosts.deny file again.
I've worked around it by putting michigan into my hosts.allow file, but I would really like to know what's going on. I've configured Hosts Deny to lock out IPs after three failed attempts, but it is locking out michigan after one successful connection.
thought i'd try the firefox add on noscripts. didn't like it, uninstalled. now it is blocking things regardless and seemingly randomly. the forums for instance are a dog's breakfast.
why is this thing still ambling around like an aimless zombie? occasionally firefox just locks up and all i can do is shut it down. when i restart the machine or logout it makes no diff. the aimless noscripts zombie still lurks, playing havoc with my web experience.
any suggestions on how to completely kill this beast would be more than welcome. this machine runs smooth as and rock solid generally. the last thing i expected was some add-on bomb completely screwing things over. cheers.
edit: hmm, just had a thought. seems like java is not working so i look in add-ons and java add-ons seem to be uninstalled also. i'll have a tweak and get back ...
edit 2: when i go to videos, there are no thumbnails of the vids, just white squares and text, yet when i click a vid it plays without a problem. what the heck is happening? i don't believe that add-on could create so much havoc ... i didn't even make any changes to noscripts! installed it and visited about five websites then uninstalled.
Mobloquer starts up at boot and before I've even opened firefox or transmission or anything, mobloquer shows that is has started blocking several outgoing connections as well as ton of incoming connections. I was wondering if the outgoing connections is normal and what's a normal amount of network activity to show up in system monitor when I'm not actively using the internet.
I have an ubuntu 8.04 dedicated server running openssh which I am having problems with.
The server is based in England yet I am currently working from Thailand. Slow speeds and timeouts I am used to but it is now over 24hr since I have managed to SSH the server (from here).
I just tried remote desktop on my PC back in the UK and this connected straight away through both SSH and SCP.
Thinking that it may be the IP being blocked from my works network I switched off wifi on my phone and tried to connect over the data network a few times with no luck.
Another strange problem is that when we got the server it was locked into a chroot jail which SSH(22) always leads into. After accessing SSH on port 22 I have to run a break script to gain root access. The sshd_config file says that the server is listening on port 57 yet I have never been able to access this.
I need to block some of my sites with SQUID Proxy. I added following lines to my SQUID configuration file but still the site remains unblocked. How to block it?
acl blocksites url_regex yahoo
http_access deny blocksites
I have also tried saving some url & filter content in a file and edited configuration as follows,
acl blocksites url_regex "/etc/squid/squid-block.acl"
http_access deny blocksites
The squid-block.acl file contents are
.cricinfo.com
mp3