Questions tagged [iptables]

iptables is the userspace command line program used to configure the Linux 2.4.x and 2.6.x IPv4 packet filtering ruleset. It is targeted towards system administrators. Please, when asking a question about iptables, add the output from the following command: iptables -L -v -n

iptables is a userspace utility that complements the Linux kernel-level Netfilter firewall.

When seeking help with a firewall configuration, it is advisable to supply the iptables-save output, which gives a readable ruleset listing, and possibly to append the output of iptables -L -v -n to give matching ruleset information.

6626 questions
2 votes, 3 answers

Partial HOSTS file read

I've a new entry that I put in the HOSTS file: 10.7.4.94 COMMRTU7 commrtu7 commRTU7 The first two entries ping, but the third one won't ping. I have a list of entries like this that work fine, any ideas why this won't?
Lance Roberts
2 votes, 1 answer

firewalld service is running, but firewall-cmd doesn't work

I am new to CentOS 7/Server management. I am trying to figure out how to work with firewalld. My kernel release is: 2.6.32-042stab084.20(OpenVZ) And: #firewall-cmd --version #0.3.9 The problem is I can't get any functionality out of firewall-cmd.…
jrook
2 votes, 0 answers

iptables keeps using old nat rules

I use iptables snat on my gateway to change local source ip addresses to external. The trouble is that after I change the rules (or even if I flush iptables nat table) gateway keeps using the old rule till I reboot the gateway. I use Ubuntu 14.04…
koresh
2 votes, 1 answer

Docker open ports in iptables (rabbitmq)

I'm having a docker image based on rabbitmq. Nothing in my Dockerfile specifies anything about ports. I bind the usual rabbitmq ports (5671, 5672 and 15672) to my custom ports by running my instance as follows: docker run -d -p $someport:5671 -p…
lajarre
2 votes, 0 answers

How to use iptables or IFB to mark incoming traffic by device?

I'm trying to use iptables to mark incoming packets based on the device where those packets arrived (rather than their originating IP address or port etc), but haven't found a way of getting this to work. Specifically, I can set up a filter that…
2 votes, 1 answer

Squid problems with iptables

I've installed and configured Squid on Fedora Server 21 with full updates. My proxy's IP is 145.130.33.133 with port 3128. First I modified my squid.conf with my rules and everything. On my laptop with Fedora Workstation 21 works normally, meanwhile…
falconR
2 votes, 1 answer

Port redirection with iptables to localhost / blocking the destination port

I like to forward all traffic coming to 80 to be redirected to 8000. I used iptables -tnat -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8000 But then port 8000 is still open to public. I tried -DNAT: iptables -t nat -A PREROUTING …
Phil
2 votes, 3 answers

How to route all local traffic to Squid?

I have a working squid caching server which is accessible through 127.0.0.1:3128. I'm trying to route all my traffic (and if possible all my virtual machines) to 127.0.0.1:3128. I'm using vagrant and virtual box and it would be nice if I don't config…
eneepo
2 votes, 2 answers

fail2ban error on setting iptables on Synology NAS

I set up fail2ban 0.9.1 on my Synology NAS to handle failed SSH attempts. When I start up the jail I get the following errors in fail2ban.log: 2015-02-01 17:22:52,394 fail2ban.jail [30576]: INFO Jail 'ssh-iptables-syno' started 2015-02-01…
perelin
2 votes, 1 answer

How to pass all traffic through virtual ip on linux

I have an Ethernet card on CentOS server. It has been configured: eth1: mtu 1500 qdisc mq state UP qlen 1000 link/ether 40:f2:e9:9b:b7:bb brd ff:ff:ff:ff:ff:ff inet 192.168.1.1/24 brd 10.54.19.255 scope…
LinhTran
2 votes, 1 answer

iptables block port range with single port exception

I've two rules. The first blocks all ports from the range: -A INPUT -m state --state NEW -m tcp -p tcp --match multiport --dports 200:65535 -j DROP and the second opens one in this range: -A INPUT -i eth0 -p tcp --dport 5901 -m state --state NEW,ESTABLISHED…
lolcio
2 votes, 1 answer

Static Route for Windows

I have a network as follows. Router->Windows Server->Clients I want to be able to be on the LAN of the router and access the clients who are on a different subnet behind the Windows Server with networking and policy access enabled. I set up a static…
2 votes, 1 answer

ipt_CLUSTERIP: unknown protocol 1

I am trying to create a web cluster with two load balancers and a single public IP address. The command I use is the following: iptables -I INPUT -d $CLUSTERIP -i $WAN_IF -j CLUSTERIP --new --clustermac $CLUSTERMAC --total-nodes $TOTALNODES…
rogledi
2 votes, 1 answer

iptables only blocks OpenVPN on server startup

I'm currently in the process of setting up OpenVPN across multiple data centres on Linode. The OpenVPN setup is working great and I'm now focusing on getting my firewall set up so that my public and private IPs provided by Linode are…
Luke
2 votes, 1 answer

Why port forwarding is not working in this setup?

I'm trying to set up a docker virtualization environment. This is a follow up of this question. I have a virtual eth0:0 interface, and I would like to forward it using iptables. The public, main IP is 93.93.93.93 The failover IP is 5.6.7.8 I've a…
Mascarpone