Questions tagged [iptables]

GENERAL IPTABLES SUPPORT IS OFF-TOPIC. Support questions may be asked on https://superuser.com. An application that allows administrators to configure the packet processing tables provided by the Linux kernel firewall. Use this tag only for questions on programming with iptables. Questions about configuring iptables should be asked on Server Fault (https://serverfault.com/tour).

Links:
Linux Firewall Tutorial: IPTables Tables, Chains, Rules Fundamentals
Iptables Essentials: Common Firewall Rules and Commands

2035 questions
14
votes
2 answers

Is there a python interface to iptables?

I'm trying to retrieve the current iptables chains configured on the system via python. If I strace the iptables command, it outputs: strace iptables -L INPUT socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = 3 getsockopt(3, SOL_IP, 0x40 /* IP_??? */,…
tMC
14
votes
3 answers

Multiple static IPs for Docker containers

I have a Docker host that should allow each container to have multiple static IP addresses. The application inside the container should then be able to choose from which address it will send traffic to remote hosts (e.g. ping -I
Hexaholic
14
votes
2 answers

Packet mangling utilities besides iptables?

I'm looking for a linux utility that can alter the payloads of network packets based on a set of rules. Ideally, I'd use iptables and the netfilter kernel module, but they don't support generic payload mangling: iptables will alter various header…
Adam Liss
14
votes
1 answer

How to remove iptables rule

I have this rule in my iptables: sudo iptables -t nat -nvL --line-numbers Chain PREROUTING (policy ACCEPT 14 packets, 1950 bytes) num pkts bytes target prot opt in out source destination Chain INPUT (policy…
pkout
13
votes
2 answers

Block outgoing connections to private IPs from Docker containers

Some of the services that we run on our servers with Docker, try to connect to private IP addresses (10.0.0.0/8, 192.0.0.0/16, 172.16.0.0/12, 100.64.0.0/10). This behavior is normal but our server provider detects this traffic and sends us…
John L. Jegutanis
13
votes
2 answers

How to use iptables in linux to forward http and https traffic to a transparent proxy

I have an Ubuntu Linux system acting as a gateway system with two interfaces on it. One interface is for the local network and one interface is for the internet. I am able to route traffic through it with no problem at all. I use two iptables rules…
ajt
13
votes
3 answers

Python/iptables: Capturing all UDP packets and their original destination

I am trying to write an iptables rule that will redirect all outgoing UDP packets to a local socket, but I also need the destination information. I started out with sudo iptables -t nat -A sshuttle-12300 -j RETURN --dest 127.0.0.0/8 -p udp sudo…
Etienne Perot
12
votes
5 answers

Linux per program firewall similar to windows and mac counterparts

Is it possible to create a GUI firewall that works like its Windows and Mac counterparts? On a per-program basis. A popup notification window when a specific program wants to send\recv data from the network. If not, then why? What does the Linux kernel lack to allow the existence of…
Marko Kevac
12
votes
3 answers

Disable access to LAN from docker container

I am running a Gentoo host with an Ubuntu container in Docker. They communicate via a bridge automatically created by Docker. I would like to drop all traffic for 192.168.0.0/16 that may come out of the container. $sudo iptables -S -P INPUT ACCEPT -P FORWARD…
i.petruk
12
votes
1 answer

ElasticSearch restrict access using IP tables

I have seen a couple of dead threads like this IP Address Restriction in Bonsai ElasticSearch as a Heroku Addon and this https://stackoverflow.com/questions/16121531/tomcat-restrict-ip-access-ip-range-format This is the first time I have hosted an…
Sap
12
votes
3 answers

How to write specific iptables rules using python-iptables

I am trying to use python-iptables to write a script to set certain rules. I figured out how to set rules to allow all and deny all, but I need to figure out how to write a rule to allow established connections. For example I need to write the…
h33th3n
12
votes
1 answer

How to allow mail through iptables?

I'm securing my server (with iptables) so that only http and ssh ports are open and that is fine, although I use the mail command (server: CentOS 6.2) in some applications and it does not get through now thanks to iptables blocking everything. What…
Andrew
11
votes
1 answer

Why does my service always bind to ipv6 localhost instead of ipv4?

I have a service that creates a ServerSocket and binds to localhost:7060. When I did "netstat -an" on my Android device, I see it is using the IPv6 localhost instead of the IPv4 localhost interface. The output is like this: tcp6 0 0…
videoguy
11
votes
5 answers

How can I defend against DoS attacks using Amazon EC2 Load Balancer?

We usually blacklist IP addresses with iptables. But in Amazon EC2, if a connection goes through the Elastic Load Balancer, the remote address will be replaced by the load balancer's address, rendering iptables useless. In the case for HTTP,…
netvope
11
votes
1 answer

Node JS internet gateway/captive portal like used in public WiFi hotspots

I want to build a Node.js internet gateway/captive portal, so I can have a user 'authorize' his MAC address, or IP address if the MAC address is not possible, like those used for Wi-Fi hotspots. So what I have in mind is node can have a dhcp server and it…
Tarang