A firewall is an application or hardware device used to inspect and filter network traffic.
Questions tagged [firewall]
4221 questions
1
vote
4 answers
What Enterprise Router / Firewall?
I have a network running 100 users with PCs and 20 SIP phones. I also have 3 servers running an extranet on a 100GB leased line.
My primary device is a ZyWall 35 and I have decided that this device is a bottleneck and a limit to performance.
What…

Gavin
1
vote
1 answer
Unable to access IP addresses within my own country. pfSense showing packets hit WAN
I have a pfSense firewall that has a WAN with multiple public IP addresses. I use NAT to port forward certain external IPs to internal IPs.
I can connect from anywhere except the same country. When anyone within my country tries to connect to any…

BrinkDaDrink
1
vote
3 answers
How to deny all the communications between our server and particular domain and its subdomains?
Let's say we don't want our server (any program running on it) to talk to example.com (any IP address that this DNS name can happen to be resolved into) and anything like *.example.com etc. Both inbound requests coming from those domains and…

Ivan
1
vote
1 answer
SELinux and iptables on a firewall / router
I've come to a point where I need to migrate to a new server. Though I'm aware of the SELinux advantages, is it necessary to keep SELinux enabled when the firewall / gateway is only meant to route the traffic to different destination hosts?
Users…

holasz
1
vote
3 answers
IP tables - changes not persisting
I've tried to open port 8605 on my server (used for socket connections) using:
iptables -I INPUT 2 -s 0/0 -p tcp --dport 8605 -j ACCEPT
However the change is not persisting, the port closes itself once a day (I assume something is being regularly…

Nick
1
vote
1 answer
(PCI-DSS, APF) Firewall UDP Packet Source Port 53 Ruleset Bypass?
I am handling vulnerabilities reported by a PCI-DSS scanner, and one of them is new to me:
Title
Firewall UDP Packet Source Port 53 Ruleset Bypass
Synopsis:
Firewall rulesets can be bypassed.
Impact:
It is possible to bypass the rules of the…

jimp
1
vote
1 answer
Windows Domain Network, Cisco 1921 ISR, and NTP
In an effort to make sure all Windows applications that rely on time work (such as RDP), and to make sure logging between computers and router are using the same times, I would like to use NTP technology between my Cisco router, my domain…

Kevin
1
vote
1 answer
Configure STP in WAN Bridge
Hardware:
2 pfSense boxes
1 Switch D-Link DGS-3324SR
I need to configure STP in my network because I'm trying to set a WAN redundant bridge for a web server. (Take a look at my Network Diagram)
So I need to prevent the loops (Broadcast Storms)…

Jonathan Edgardo
1
vote
1 answer
Why is iptables not blocking any ports?
I have iptables running and the most recent rules applied (i.e. I restarted the service and it says everything is "OK").
I have only used system-config-firewall to edit/define any rules, so I shouldn't have a manually created mistake. If I can…

BuvinJ
1
vote
1 answer
Best practice for managing a whitelist of IPs across multiple servers with iptables?
I was wondering what the best practice is for managing a whitelist of IP addresses across multiple servers. We want to allow our user base to add an IP address they want to whitelist through a web interface and then have that IP address added, deleted or…

John Nguyen
1
vote
2 answers
How do I block IP addresses in SuSEFirewall?
Does SuSEfirewall in OpenSuSE 11 provide an easy way to block all traffic from a list of IP addresses? Ideally just a textfile into which I can put all IP addresses I want blocked, otherwise some configuration option. I've looked through…

EMP
1
vote
1 answer
How can I protect Sophos OpenSSL settings from being overwritten?
Our company network uses a Sophos firewall with an Apache reverse-proxy, which is configured to allow HTTPS connections.
After we realized that some of our clients cannot connect over HTTPS, our internal network department told us that the OpenSSL…

mjn
1
vote
2 answers
How to block internet access when the VPN stops on a DD-WRT router and separate VPN/direct clients?
I am using a DD-WRT 3.0 router to connect via OpenVPN. In the LAN, 192.168.1.50 is a device which should not go thru the VPN.
(How do I set the firewall to have 192.168.1.50 not go thru VPN
and
How to make all other IPs lose WAN connection when the…

Gaia
1
vote
0 answers
Drop first packet for every IP with iptables
My servers are getting UDP-flooded with spoofed source IP addresses. They flood with real user packets so I cannot rate limit or block these packets.
Is there a way to drop the first packet received from an IP and accept the next ones?
They only…

Emin Altintas
1
vote
1 answer
iptables - Filter by MAC on FORWARD chain
I need to set up a firewall between a server and the clients on the intranet that filters access by MAC on the FORWARD chain.
The server has one NIC (on subnet 10.0.0.0/29), the firewall two NICs (one on subnet 10.0.0.0/29, the other one on subnet…

loopeando