Block incoming traffic FTP from internet using iptables


 
Old 09-10-2009
Block incoming traffic FTP from internet using iptables

Hi everybody. I have the following scenario:

eth0: WAN
eth1: DMZ
eth2: LAN

I need to block all incoming traffic from the internet through my network LAN using iptables. I have squid but I need to do this using iptables.

I have been hearing about iptables -A FORWARD but I am stuck right now, please help me.
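
Added example, not part of the original post: a ruleset for the topology described above (eth0 WAN, eth2 LAN), written as a shell function that only prints iptables-restore input. The policy choices, the log prefix and the `build_rules` name are assumptions; the DMZ on eth1 is left unfiltered here.

```shell
#!/bin/sh
# Added example: print a filter-table ruleset for the router in the post.
# Nothing is applied by this script; the output is text for iptables-restore.
# Interface roles come from the post, the policy below is an assumption.

WAN=eth0   # internet-facing interface
LAN=eth2   # internal network (eth1, the DMZ, is not filtered here)

# build_rules: emit the ruleset on stdout in iptables-restore format.
build_rules() {
    cat <<EOF
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
# Replies to connections the LAN opened itself keep working.
-A FORWARD -i $WAN -o $LAN -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# FTP control channel opened from the internet towards LAN hosts: log, then drop.
-A FORWARD -i $WAN -o $LAN -p tcp --dport 21 -m conntrack --ctstate NEW -j LOG --log-prefix "WAN-LAN-FTP: "
-A FORWARD -i $WAN -o $LAN -p tcp --dport 21 -j DROP
# Everything else arriving from the internet for the LAN.
-A FORWARD -i $WAN -o $LAN -j DROP
COMMIT
EOF
}

# Running the script prints the ruleset for review.
build_rules
```

Pipe the output through `iptables-restore --test` to parse it without committing. A real load replaces the existing filter table unless `--noflush` is given, so merge these lines into the ruleset already in use rather than loading them on their own.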
Firewall mark classifier in tc(8)                    Linux

NAME
       fw - fwmark traffic control filter

SYNOPSIS
       tc filter ... fw [ classid CLASSID ] [ action ACTION_SPEC ]

DESCRIPTION
       the fw filter allows to classify packets based on a previously set fwmark by iptables. If it is identical to the filter's handle, the filter matches. iptables allows to mark single packets with the MARK target, or whole connections using CONNMARK. The benefit of using this filter instead of doing the heavy-lifting with tc itself is that on one hand it might be convenient to keep packet filtering and classification in one place, possibly having to match a packet just once, and on the other users familiar with iptables but not tc will have a less hard time adding QoS to their setups.

OPTIONS
       classid CLASSID
              Push matching packets to the class identified by CLASSID.

       action ACTION_SPEC
              Apply an action from the generic actions framework on matching packets.

EXAMPLES
       Take e.g. the following tc filter statement:

              tc filter add ... handle 6 fw classid 1:1

       will match if the packet's fwmark value is 6. This is a sample iptables statement marking packets coming in on eth0:

              iptables -t mangle -A PREROUTING -i eth0 -j MARK --set-mark 6

SEE ALSO
       tc(8), iptables(8), iptables-extensions(8)

iproute2                                          21 Oct 2015