Questions tagged [iptables]

GENERAL IPTABLES SUPPORT IS OFF-TOPIC. Support questions may be asked on https://superuser.com. An application that allows administrators to configure the packet processing tables provided by the Linux kernel firewall. Use this tag only for questions on programming with iptables. Questions about configuring iptables should be asked on Server Fault (https://serverfault.com/tour).

Links:
Linux Firewall Tutorial: IPTables Tables, Chains, Rules Fundamentals
Iptables Essentials: Common Firewall Rules and Commands

2035 questions
0 votes, 1 answer

executing IPtables via C exec()

I'm trying to make a program here that blocks an IP address given an IP address as an input string, and even though the program executes in the background, the parameters seem to be passed incorrectly. I'm trying to execute the following using my…
Mike -- No longer here
0 votes, 2 answers

IPtables how change to firewalld by MASQUERADE?

How use firewalld-cmd use iptables rule? iptables: iptables -t nat -A POSTROUTING -s 10.8.0.0/24 -o eth0 -j MASQUERADE
user2930390
0 votes, 1 answer

IPtables to set tcp flags

I am trying to use iptables to modify the TCP flags of outgoing packets. Is it possible to set TCP flags with iptables? For an incoming SYN, I want it to respond with ACK (instead of SYN-ACK).
user2896215
0 votes, 2 answers

troubleshooting hadoop 2.7.1

I am trying to set up a 3-workers 1 master hadoop cluster using 2.7.1. When I start the cluster, the master has the following daemons running: 2792 NameNode 3611 NodeManager 4362 Jps 3346 ResourceManager 2962 DataNode 3169 SecondaryNameNode And…
sc3339
0 votes, 1 answer

From a NodeJS script, using sed, how to replace string with multiple line string

I am doing a script that adds a sample of /etc/iptables.rules file on my server. /etc/iptables.rules *filter -P INPUT ACCEPT -P FORWARD ACCEPT -P OUTPUT ACCEPT -N DOCKER ${DROP_INTERFACE} -A FORWARD -o docker0 -j DOCKER -A FORWARD -o docker0 -m…
Dimitri Kopriwa
0 votes, 1 answer

Suricata IPS manual blocking/unblocking vs. snort and guardian

Does anyone have experience with using Suricata as an IPS? I'm on Debian and I'd like to be able to manually block and unblock specific IP addresses (iptables). I've not used Suricata as I am currently running Snort as an IDS and guardian as my IPS.…
Anon
0 votes, 1 answer

nginx server never resolves

I have set up an nginx server which is a proxy for port 80 to http://127.0.0.1:3000, but the request never gets through. It just infinitely loads. I have tried sudo /sbin/iptables -I INPUT -p tcp -m tcp --dport 80 -j ACCEPT. I have tried sudo…
Zane Hitchcox
0 votes, 0 answers

Can't connect to Apache remotely

I'm using Red Hat Enterprise Linux. I've installed Apache via yum install httpd. When I execute curl localhost it responds beautifully with the Apache test page. However connecting remotely via web browser (typing the IP address) results in Webpage…
0 votes, 1 answer

libnetfilter_queue: Why can't I see the TCP payload of packets from nfq_get_payload?

I have a fairly basic user space firewall application. It receives data from libnetfilter_queue properly, we can see all the IP and TCP header information including source and destination IPs, ports, protocols, etc, but we don't get ANY of the TCP…
DaKaZ
0 votes, 1 answer

How do I specify both source and destination flags in the iptables FORWARD chain?

Since I have iptables running on my router, it seems the only chain that works is the FORWARD chain to block traffic between the LAN and the internet. In these FORWARD chain rules, like... iptables -I FORWARD 1 -d 198.41.16.0/17 -j REJECT ...but…
youcantexplainthat
0 votes, 1 answer

Kubernetes service returns "No route to host" when curling endpoint

I have a kubernetes service: kind: "Service" apiVersion: "v1" metadata: name: "aggregator" labels: name: "aggregator" spec: ports: - protocol: "TCP" port: 8080 targetPort: 8080 selector: name:…
Christian Grabowski
0 votes, 1 answer

Forwarding packets with any source address

I have three Computers: A, B and C. I am trying to send packets from A over B to C. To achieve that, I configured B as default gateway of A and C as default gateway of B. On B, I activated packet forwarding (sysctl -w net.ipv4.ip_forward=1) and…
uwe
0 votes, 3 answers

Iptables : How to block (handle) X-Forwarded-For addresses?

(I'm, in fact, on CentOS behind AWS ELB. But I don't want this question to be specific to AWS ELB only, but for the general ground.) I'm working on a CentOS 6.5 box, which is behind a load balancer which only passes the X-Forwarded-For IPs to me.…
夏期劇場
0 votes, 1 answer

Iptables, exclude single ip from prerouting Captive Portal

I need help to exclude a single IP address from a prerouting rule on all ports. Anybody who connects to my access point gets redirected to my Captive Portal (Landing Page). Therefore I want to make a new rule, I don't want my existing prerouting…
ninja
0 votes, 1 answer

Do I have to reset service/something when banning an IP with iptables -j DROP

I just ran this command: iptables -A INPUT -s 1.1.1.1 -p TCP -j DROP. Do I have to reset a service or something like that? It does not seem to work because when I use netstat -antp I can still see the IP I just dropped.
Gianni Di Falco