A firewall is an application or hardware device used to inspect and filter network traffic.
Questions tagged [firewall]
4221 questions
40 votes, 1 answer
Will tcpdump see packets that are being dropped by iptables?
I have a firewall with these simple rules:
iptables -A INPUT -p tcp -s 127.0.0.1/32 --dport 6000 -j ACCEPT
iptables -A INPUT -p tcp -s 192.168.16.20/32 --dport 6000 -j ACCEPT
iptables -A INPUT -p tcp --dport 6000 -j REJECT
Now, suppose I am using…

Pablo Santa Cruz
37 votes, 6 answers
Hardware Firewall Vs. Software Firewall (IP Tables, RHEL)
My hosting company says IPTables is useless and doesn't provide any protection. Is this a lie?
TL;DR
I have two, co-located servers. Yesterday my DC company contacted me to tell me that because I'm using a software firewall my server is "Vulnerable…
user80776
35 votes, 4 answers
How to make Firefox trust system CA certificates?
Our network admin recently enabled HTTPS inspection on our firewall/router. For IE users this is fine because the certs have all been distributed via Active Directory for domain-joined machines. However, we have a number of Firefox users that are…

Wes Sayeed
35 votes, 7 answers
What firewall ports do I need to open when using FTPS?
I need to access an FTPS server (vsftpd) on a vendor's site. The vendor has a firewall in front of the ftps server. I have a firewall in front of my FTPS client.
I understand that ports 990, 991 and maybe 989 need to be opened up for control…
user3293
33 votes, 4 answers
Copy UFW rules between servers
I'm doing a hardware refresh on my Colo, I just need to copy my UFW rules from my old server to my new server. I don't seem to be able to get them copy all the active rules from my old server to my new one.
How do I copy my active UFW rules…

Squidly
32 votes, 1 answer
Fail2ban jail.local vs jail.conf
Does jail.local file act as an override to jail.conf or as a replacement to jail.conf?
When I was learning about Fail2Ban from tutorials, most of them usually say either to copy jail.conf to jail.local and make the edits there and some of them say…

Neel
31 votes, 3 answers
Which ports for IPSEC/L2TP?
I have a firewall/router (not doing NAT).
I've googled and seen conflicting answers. It seems UDP 500 is the common one. But the others are confusing. 1701, 4500.
And some say I need to also allow gre 50, or 47, or 50 & 51.
Ok, which ports are…

hookenz
30 votes, 4 answers
Rate limiting with UFW: setting limits
UFW's man page mentions that it can set up iptables rate limiting for me:
ufw supports connection rate limiting, which is useful for protecting against brute-force login attacks. ufw will deny connections if an IP address has…

Tom
30 votes, 5 answers
Will everyone having Globally Accessible IP's in IPv6 be kind of a security nightmare?
Possible Duplicate:
Switch to IPv6 and get rid of NAT? Are you kidding?
I'm thinking about the way that in IPv4 most of the time you have a single point to configure a firewall on, mainly your router, but if everybody has a Globally Accessible IP…

leeand00
29 votes, 3 answers
iptables show just one chain
tldr: How can I get iptables to show just one chain?
I can have iptables show just one table, but a table consists of multiple chains. I need to find where in chain INPUT is the last rule (usually but not always the REJECT all rule).
I've tried awk…

bgStack15
29 votes, 8 answers
Block employee access to public cloud
First of all, let me state that this is not my idea and I don't want to discuss whether such an action is reasonable.
However, for a company, is there a way to prevent employees from accessing public cloud services? In particular, they should not be able…

marsze
28 votes, 4 answers
UFW comment existing rule?
I'm trying to comment an existing ufw firewall rule, but I can't find the exact command.
I can easily add a rule with comment like:
sudo ufw allow in on eth0 to any port 80 comment 'test'
But how do I comment an existing rule?

Emax
27 votes, 4 answers
Windows Advanced Firewall: What does "Edge Traversal" mean?
This should be a really simple one:
In Advanced Windows Firewall on Windows Server 2008+, Properties > Advanced, what does "Edge Traversal" mean?
I Googled it, of course, and was unable to come up with a concrete answer, and I was especially…

Django Reinhardt
27 votes, 11 answers
How can I find out if a port is opened or not?
I have installed Apache server on my Windows 7 computer. I was able to display the default index.php by typing http://localhost/ in the address line of my browser.
However, I am still unable to see this page by typing IP address of my computer…

Roman
26 votes, 5 answers
How to remove access to a port using firewall on Centos7?
Had a port opened up for public use using firewall-cmd, I wanted to limit this port to a specific IP which I found the answer for on this SITE.
I used the following to open it:
$ firewall-cmd --permanent --zone=public --add-port=10050/tcp
$…

mcv