Questions tagged [iptables]

GENERAL IPTABLES SUPPORT IS OFF-TOPIC. Support questions may be asked on https://superuser.com. An application that allows administrators to configure the packet processing tables provided by the Linux kernel firewall. Use this tag only for questions on programming with iptables. Questions about configuring iptables should be asked on Server Fault (https://serverfault.com/tour).

Links:
Linux Firewall Tutorial: IPTables Tables, Chains, Rules Fundamentals
Iptables Essentials: Common Firewall Rules and Commands

2035 questions

24 votes, 5 answers

Iptables setting multiple multiports in one rule

The multiport extension has a limit (15) for the ports that can be specified. But I need to specify many more port numbers in a single rule, so I tried to use several multiport in one rule like: iptables -A INPUT -p tcp -m multiport…
ning

24 votes, 3 answers

iptables redirect 80 to 8080 but block public 8080 access

I have some iptables rules which redirect requests for port 80 onto our application server (GlassFish) at port 8080 (and also SSL ports too but I've left them out for simplicity). Whilst what we have works fine (and I don't personally have an issue…
lazidar

22 votes, 5 answers

debian 8 iptables-persistent

I have VPS Debian 8 jessie x64 stable release. After installation I'm trying to configure iptables (like in Debian 7). apt-get install iptables-persistent executed successfully, some packets were installed. But when I'm trying service…

21 votes, 2 answers

Iptables v1.6.1 can't initialize iptables table `filter' Ubuntu 18.04 Bash Windows

I'm running Ubuntu 18.04 from Windows Bash: uname -a Linux DESKTOP-M87DGAS 4.4.0-17134-Microsoft #112-Microsoft Thu Jun 07 22:57:00 PST 2018 x86_64 x86_64 x86_64 GNU/Linux I need to open some port with: sudo ufw allow 22/tcp But I get the…
JohnJohnsonJoe

21 votes, 6 answers

Using iptables to change a destination port

Is it possible to change the destination port of a UDP packet using iptables? I'm trying to get an SNMP agent to send out traps on 1620 instead of 162. Unfortunately so far I've only managed to change the source port: iptables -t nat -A POSTROUTING…
Kristof Provost

21 votes, 6 answers

List of loaded iptables modules

Is there any convenient way to show loaded iptables module list? I can show installed modules by listing /lib/iptables/ (or /lib64/iptables/) directory but I need active modules list.
Emre Yazici

21 votes, 4 answers

How to open port 2195 in iptables CentOS 6 for activating the APNS

I tried this solution: iptables -I OUTPUT -p tcp --dport 2195 -j ACCEPT /etc/init.d/iptables stop /etc/init.d/iptables start but still can't access the port. If there are more ports that I have to open for APNS let me know.
ElizaS

20 votes, 5 answers

Unable to connect to mongo on remote server

I have installed mongo on machine1(Ubuntu 14.04.3 LTS server) in my local network. I have also opened the port 27017 as mentioned in this guide using following commands: sudo iptables -A INPUT -p tcp --destination-port 27017 -m state --state…
Abhishek Gupta

17 votes, 5 answers

Docker container can not ping the outside world - iptables

Exploring Docker 17.06. I've installed Docker on CentOS 7 and created a container. Started the container with the default bridge. I can ping both host adapters, but not the outside world, e.g. www.google.com. All advice out there is based on older…
user1945022

17 votes, 2 answers

Can't access publicly exposed Docker container port from external machine, only from localhost?

I have a Docker container running on my Ubuntu Linux 14.04 machine that exposes a port publicly: docker run --name spacyapi -d -p 127.0.0.1:7091:7091 jgontrum/spacyapi:en I can connect and execute commands against the server in the container…
Robert Oschler

17 votes, 2 answers

REDIRECT a port in ip6tables

How can I redirect one port to another local port by using ip6tables? E.g. something like this: ip6tables -t nat -A PREROUTING -j REDIRECT -p tcp --dport 443 --to-ports 8443
Changming Sun

17 votes, 3 answers

How to run node.js as non-root user?

I'm running a node.js server, that will serve requests on port 80 amongst others. Clearly this requires the application running as root (on Linux). Looking at this post (http://syskall.com/dont-run-node-dot-js-as-root) as an example it's clear that…
user2208171

16 votes, 3 answers

Network unreachable inside docker container without --net=host parameter

Problem: there is no internet connection in the docker container. Symptoms: ping 8.8.8.8 doesn't work. Wireshark from host system gives back: 19 10.866212113 172.17.0.2 -> 8.8.8.8 ICMP 98 Echo (ping) request id=0x0009, seq=0/0, ttl=64 20…
beyondfloatingpoint

16 votes, 5 answers

Docker ignores iptable rules when using "-p :"

Just realized a few days ago that Docker seems to bypass my iptable rules. I am not incredibly experienced with Docker nor iptables. Tried a lot of different things the last days. Also saw that there was a big change in recent Docker versions with a…
janober

16 votes, 2 answers

Can iptables allow DNS queries only for a certain domain name?

I have iptables blocking all UDP traffic at the moment, however I want to allow only certain DNS queries to get through. Let's use google.com as an example. I am trying to use string matching to find the domain name in the request, and allow it.…
Jarred Kenny