A Firewall is an application or hardware device used to inspect and filter network traffic.
Questions tagged [firewall]
4221 questions
1
vote
1 answer
How can I disable ping in esxi 6 host
I have an esxi6 host on public ip.
All other VMs are behind pfsense firewall, so no issues.
I can't put esxi behind that because I don't want to get locked out.
So far I have disabled ssh access to esxi host.
Now for other security I just want to…
user3214546
- 147
- 4
- 14
1
vote
2 answers
How do i properly ban a IP with iptables
Here is my current config for IPTables. But the IP i banned can still ping, ssh, web and so forth..
The IP im testing these rules with is: 195.154.220.14
# Generated by iptables-save v1.4.7 on Thu Feb 16 22:06:28 2017
*nat
:PREROUTING ACCEPT…
Chris B
- 11
- 1
1
vote
2 answers
What if I DROP and ACCEPT the same IP address in iptables? What will take precedence?
I am playing around iptables to filter the packets coming and going. What will be the result of following rules?
iptables -A INPUT -s 192.168.1.0/24 -j ACCEPT
iptables -A INPUT -s 192.168.1.0/24 -j DROP
Shubham Jairath
- 67
- 1
- 6
1
vote
1 answer
pfSense Captive Portal on devices that cannot use login page(STBs, etc.)
I am using captive portal with pfSense on a network in order to filter content and monitor bandwidth, etc. This has worked great with computers and mobile devices in the office as everyone has been able to login every day with their specified login…
Gary Simcox
- 11
- 1
1
vote
1 answer
How do you expand /var in pfsense when you run it in memory?
I have a pfsense box running 32GBs of RAM. I enabled /var and other directories to be in RAM due to have so much space and wanted to improve performance.
How do you alter and increase the size of /var in RAM?
I've looked in the settings and I see no…
Jason
- 3,931
- 19
- 66
- 107
1
vote
1 answer
IPtables : Don't redirect specific IP
I am tryng to redirect all web traffic to a computer using:
iptables -t nat -A PREROUTING -p tcp –destination-port 80 -j REDIRECT –to-port 1000
It works but I would like to add a rule in order to not redirect the traffic for a specific destination…
Thomas Sxt
- 13
- 4
1
vote
1 answer
Tinc correct iptables configuration
I've been able to get tinc setup when I flush all my iptables, but after enabling iptables and a delay I get a "Destination Net Unknown". I have three host (HOME10.0.3.2, MASTER 10.0.3.1, WEB 10.0.3.3) MASTER and WEB are in Digital ocean in the…
Dave Albert
- 151
- 1
- 9
1
vote
1 answer
PF based gateway firewall for Openbsd 6.0
Currenly I am looking to create an OpenBSD 6.0 pf based gateway. Based on what I read in the pf manual pages and OpenBSD pf FAQ, and some examples on the internet, I was able to configure a firewall. But I am not sure if I got it right:
##…
Baron van Neemweggen
- 11
- 4
1
vote
1 answer
Give a Windows 2008 VM Internet access but block Host LAN access?
Securing a guest VM to give it internet access, but block access to host LAN
The above was a similar question asked for Linux but the following has specifics that are different.
We need to have this VM (clone from a key server/ DC) Updated (via the…
ProBonNonProfitVolunteer
- 11
- 1
- 4
1
vote
0 answers
How can I route Multicast between segregated interfaces on Sonicwall
I realize this question might be a little too specific, and I've read all the other questions about multicast on VPN, multicast on multiple interfaces, etc.
But, I've applied all the information from those questions, and I'm down to what I believe…
Dexter
- 111
- 3
1
vote
0 answers
Shorewall reporting martians
Running Shorewall v5.0.14.1 on Fedora Server 4.8.15-200.fc24.x86_64 configured with two interfaces (br0 and team0). Interface br0 connects to Internet while the team0 interface connects wireless local devices (LAN) (printers, tablets, roku, etc.).…
FlashL
- 11
- 5
1
vote
0 answers
NoProxy only for main domain - cntlm
I am running Ubuntu in a corporate firewall with cntlm.
For working with my local dev sites I have to insert then into the NoProxy like so *.local.
I have a problem with a site that I running locally and, almost every call to the server, calls…
shemaya
- 11
- 2
1
vote
1 answer
How to use IPv6 tunnel to allow a dynamic IP in (Windows) firewall
I am frequently changing locations and my client has to update their firewall rules to allow me access to various servers when my IP changes.
I'm looking for a better solution. A couple of things that I'm investigating are:
using a VPN
using a…
Andrew Bellenie
- 21
- 1
1
vote
1 answer
How does the zScaler cookie authentication work?
I'm implementing a web filter for my organization and I'm considering zScaler. I do not want to use proxy PAC file. I just got off the phone with zScaler's sales and they claim that they can differentiate my users post-NAT using cookies. They did…
NAScar0
- 13
- 1
- 3
1
vote
1 answer
How to configure port access with restrictions for zabbix agent and server using firewall?
I have my Agent / Server configured correctly, I know this because it was working. I just made changes to the firewall on the agent side restricting access on port 10050, but permitting the Server access like so:
$ firewall-cmd --new-zone=zabbix
$…
mcv
- 945
- 2
- 10
- 17