Questions tagged [iptables]

GENERAL IPTABLES SUPPORT IS OFF-TOPIC. Support questions may be asked on https://superuser.com. An application that allows administrators to configure the packet processing tables provided by the Linux kernel firewall. Use this tag only for questions on programming with iptables. Questions about configuring iptables should be asked on Server Fault (https://serverfault.com/tour).

An application that allows administrators to configure the packet processing tables provided by the Linux kernel firewall. Use this tag only for questions on programming with iptables. Questions about configuring iptables should be asked on Server Fault.

Links:
Linux Firewall Tutorial: IPTables Tables, Chains, Rules Fundamentals
Iptables Essentials: Common Firewall Rules and Commands

2035 questions

votes

0 answers

How to forward source IPs to Docker containers without letting Docker mess with iptables

if you run something (e.g. nginx) in a Docker container and publish one of the exposed ports to the outside world (like docker run -p 80:80 nginx) then Docker will expose the port to the public set up iptables so that if something connects to the…

asked Feb 23 '16 at 10:12

Mate Varga

3,144
2
14
17

votes

1 answer

The -t option cannot be used in iptables-restore

I got this error when I want to restore my iptables rules from file. iptables-restore v1.4.21: The -t option (seen in line 5) cannot be used in iptables-restore. Error occurred at line: 5 Try `iptables-restore -h' or 'iptables-restore --help' for…

linux iptables restore

asked Feb 08 '16 at 14:58

PumpkinSeed

2,945
9
36
62

votes

2 answers

iptables --sport vs --dport. INPUT vs OUTPUT

I am having some trouble understanding iptables. I know it acts as a filter but something isn't clicking because it isn't working the way I think it should. Let me start by saying that I'm creating a white list, so all policies (INPUT, FORWARD,…

linux iptables

asked Mar 09 '15 at 14:59

J.M.

votes

3 answers

How do I use bash to bulk add a file full of IP blocks to IPTables

How can I bulk add a text file full of IP blocks to IPTables using BASH (or another scripting language)? Or is there some other way of blocking these address ranges? EDIT: In other words is there a way to program something to iterate through the…

bash iptables

asked Jun 08 '14 at 03:16

Matthew Brown aka Lord Matt

2,298
1
27
40

votes

2 answers

Iptables forward port range to another port range on a different host

I want to redirect incomming requests on a port range ( 30000 to 40000 ) to a different host on a different port range ( 10000-20000 ) mapping them 1 to 1. ( 30000 to 10000, 40000 to 20000 etc ) If the port range is the same i.e.: iptables -t nat -I…

iptables nat

asked May 14 '14 at 10:33

Alexandru Eftimie

votes

1 answer

Remove those entries from iptables recent list which are not there in an ipset

I am using iptables recent match for my work as it saves ip addresses and there last seen value which I require. But now I need to remove some entries from the iptables recent list and those entries are there in an ipset. Can anyone tell me is it…

iptables netfilter

asked Apr 25 '14 at 07:31

Vinay Tiwary

votes

1 answer

Some questions about "-set-xmark" in iptables

I have a rule as following: -A PREROUTING -d 10.228.20.15/32 -p tcp -m tcp --dport 80--tcp-flags FIN,SYN,RST,ACK SYN -j MARK --set-xmark 0x70/0xffffffff The man doc explains --set-xmark as below: Zero out the bits given by mask and XOR value into…

linux iptables netfilter

asked Feb 25 '14 at 02:27

harlan

votes

2 answers

iptables redirect from external interface to loopback's port?

I try to redirect port from my lxc-container to loopback. My lxc-container configured with lxcbr1 bridge 11.0.3.1. I try to connect with netcat from host to lxc, and from lxc to host. Success. localhost: # nc -l 1088 lxc: # nc 11.0.3.1…

linux iptables

asked Sep 02 '13 at 20:54

innocent-world

votes

1 answer

Iptables Postrouting with SNAT for a paritcular destination IP

I want to define a rule in iptables for postrouting in ubuntu as below: $IPTABLES -t nat -A POSTROUTING -o $EXTIF -p tcp -d xxx.xx.xx.8 -j SNAT --to-source xxx.xx.xx.238 It means for destination with IP xxx.xx.xx.8 (a oublic IP) , I want its…

iptables

asked Aug 05 '13 at 06:52

Shyamkkhadka

1,438
4
19
29

votes

1 answer

Cloning and forwarding packets to multiple IP addresses

I'm trying to forward all incoming TCP packets to multiple IP addresses. Setup: A - 10.10.10.10 B - 10.10.10.11 C - 10.10.10.12 D - 10.10.10.13 I want B, C and D to receive (on port 8000) all incoming packets on port 12345 of A. Ideally I wanted A…

routes iptables multicast portforwarding

asked Feb 15 '13 at 14:02

rcadima

votes

1 answer

Linux nat/iptables configuration for this setup

I have an experimental setup, of 4 linux (CentOS) machines: All 4 machines are internally connected using different networks and can ping eachother directly connected interfaces. However only PC4 has access to internet. I am trying to setup iptable…

linux routes iptables nat

asked Feb 14 '13 at 16:53

Space Rocker

votes

2 answers

iptables port forwarding doesn't persist after restart

I have server instance running on amazon ec2. I want to forward from port 80 to 8080 using iptables. Which works fine until restart when it stops forwarding. I have used iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to 8080 to set…

linux amazon-ec2 iptables

asked May 18 '12 at 11:32

dan

1,525
1
17
35

votes

1 answer

ip_conntrack_tcp_timeout_established not applied to entire subnet

I've got a nat setup with thousands of devices connected to it. The gateway has its internet provided by eth0 and the devices on the LAN side connect to eth1 on the gateway. I have the following setup with iptables: /sbin/iptables -t nat -A…

timeout iptables nat gateway subnet

asked Feb 17 '12 at 03:05

Stephen Hankinson

votes

2 answers

Direct ALL android traffic through SSH tunnel

I am trying to completely conceal all traffic on my phone from the wireless provider. I would like to do this by directing the traffic through an SSH tunnel to my home router through iptables (not sure if they help?). The phone is rooted and is…

android linux ssh iptables cyanogenmod

asked Feb 16 '12 at 22:26

CatZilla

1,456
3
12
13

votes

1 answer

How to use iptables in an Android application

How can I use iptables in an Android application? I need this for a firewall-like functionality i.e. packet filtering, blocking sites etc. I'm also not sure whether iptables are available in the Android kernel. I previously heard that I'd have to…

android iptables

asked Jan 11 '11 at 14:26

Preetam

5,528
10
32
39

Prev 1 2 3

…

99 100 Next