Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Linux iptables -> is it possible?
Top Forums UNIX for Dummies Questions & Answers Linux iptables -> is it possible? Post 302727781 by Kekox on Tuesday 6th of November 2012 11:48:15 PM
Old 11-07-2012
Almost working.
It blocks all connections good, but its even blocking those comming from 80.x.x.1
 

9 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

how to configure a linux box as a firewall using iptables

I have already compiled the kernel and configured it to run as a firewall. My computer has 2 NICs and is on two seperate networks. I can ping both networks from my computer, but workstations on one network can not ping workstations on the other. What Scripts or commands do I need to install ? (2 Replies)
Discussion started by: Deuce
2 Replies

2. UNIX for Advanced & Expert Users

LINUX 9 IPTABLES and DNS

I have installed a linux 9 router/firewall and have issues with outside DNS queries making it in. here are my IPTABLE rules, can anyone make some suggestions? ETH1 is my outside facing Interface, ETH0 is my inside facing interface. Accept If input interface is not eth1 Accept If protocol is... (1 Reply)
Discussion started by: frankkahle
1 Replies

3. Linux

LINUX 9 IPTABLES and DNS

I have installed a linux 9 router/firewall and have issues with outside DNS queries making it in. here are my IPTABLE rules, can anyone make some suggestions? ETH1 is my outside facing Interface, ETH0 is my inside facing interface. Accept If input interface is not eth1 Accept If protocol... (6 Replies)
Discussion started by: frankkahle
6 Replies

4. UNIX for Dummies Questions & Answers

Linux IPTABLES help

I'm new to Linux and I made a big mistake at work recently locking myself out of our own server :(. I did iptables -F first as the tutorial said and then entered the rules. I wanted to start over again so I did iptables -F and it locked us out. We had to get someone to physically restart... (0 Replies)
Discussion started by: nogumo
0 Replies

5. Cybersecurity

Help needed in IPTables firewall/router setup - Linux

HI all, I have setup IPTables firewall/Router and my home network, with address space 192.168.10.XXX Form my private network hosts, i can ping the gateway ( 192.168.10.101 ) , but the reverse is not happening. Can someone help me as of what i need to do, so that i can ping my private... (1 Reply)
Discussion started by: chandan_m
1 Replies

6. Cybersecurity

[Linux] Blocking Your w00tw00ts with iptables

I noticed a few w00tw00ts in our Apache2 logfile the other day, so I thought I would write a quick post on blocking them with iptables. Feel free to improve upon any of my scripts or ideas in this thread. First of all, what is a w00tw00t and where might we find one? Well, a w00tw00t is an... (10 Replies)
Discussion started by: Neo
10 Replies

7. Cybersecurity

Replace Sonicwall with linux box using iptables

Hello, I am currently using a Sonicwall firewall to protect a class C network of public IP addresses. The sonicwall allows me to specify which IP's will be on the DMZ port and the remainder are on the LAN port by default. I would like to replace this Sonicwall with a linux box and use iptables... (3 Replies)
Discussion started by: richard987
3 Replies

8. Homework & Coursework Questions

iptables producing 'Unknown error 18446744073709551615' inRed Hat Enterprise Linux Server 5.5

Creating a large number of rules such as 100000, iptables will produce errors after 42000 rules "iptables: Unknown error 18446744073709551615". But another machine where i have debian virtual machine I can easily run the sciprt of 100000 of rules I am waiting for your reply 4.... (1 Reply)
Discussion started by: tahirfattani
1 Replies

9. Debian

Linux outbound traffic filtering with: cgroups + tc + iptables

I spent a lot of time trying to implement outbound traffic filtering with: cgroups + tc + iptables on Debian Jessie. Unfortunately there is still something wrong. The biggest issue is: - cgroups install + config - net_cls subsystem implementation - packets marking with net_cls - appropriate... (0 Replies)
Discussion started by: Novi
0 Replies

LEARN ABOUT OPENDARWIN

accept

ACCEPT(2)						      BSD System Calls Manual							 ACCEPT(2)

NAME

     accept -- accept a connection on a socket

SYNOPSIS

     #include <sys/types.h>
     #include <sys/socket.h>

     int
     accept(int s, struct sockaddr *addr, int *addrlen);

DESCRIPTION

     The argument s is a socket that has been created with socket(2), bound to an address with bind(2), and is listening for connections after a
     listen(2).  The accept() argument extracts the first connection request on the queue of pending connections, creates a new socket with the
     same properties of s and allocates a new file descriptor for the socket.  If no pending connections are present on the queue, and the socket
     is not marked as non-blocking, accept() blocks the caller until a connection is present.  If the socket is marked non-blocking and no pending
     connections are present on the queue, accept() returns an error as described below.  The accepted socket may not be used to accept more con-
     nections.	The original socket s remains open.

     The argument addr is a result parameter that is filled in with the address of the connecting entity, as known to the communications layer.
     The exact format of the addr parameter is determined by the domain in which the communication is occurring.  The addrlen is a value-result
     parameter; it should initially contain the amount of space pointed to by addr; on return it will contain the actual length (in bytes) of the
     address returned.	This call is used with connection-based socket types, currently with SOCK_STREAM.

     It is possible to select(2) a socket for the purposes of doing an accept() by selecting it for read.

     For certain protocols which require an explicit confirmation, such as ISO or DATAKIT, accept() can be thought of as merely dequeuing the next
     connection request and not implying confirmation.	Confirmation can be implied by a normal read or write on the new file descriptor, and
     rejection can be implied by closing the new socket.

     One can obtain user connection request data without confirming the connection by issuing a recvmsg(2) call with an msg_iovlen of 0 and a non-
     zero msg_controllen, or by issuing a getsockopt(2) request.  Similarly, one can provide user connection rejection information by issuing a
     sendmsg(2) call with providing only the control information, or by calling setsockopt(2).

RETURN VALUES

     The call returns -1 on error.  If it succeeds, it returns a non-negative integer that is a descriptor for the accepted socket.

ERRORS

     The accept() will fail if:

     [EBADF]		The descriptor is invalid.

     [ENOTSOCK] 	The descriptor references a file, not a socket.

     [EOPNOTSUPP]	The referenced socket is not of type SOCK_STREAM.

     [EFAULT]		The addr parameter is not in a writable part of the user address space.

     [EWOULDBLOCK]	The socket is marked non-blocking and no connections are present to be accepted.

     [EMFILE]		The per-process descriptor table is full.

     [ENFILE]		The system file table is full.

SEE ALSO

     bind(2), connect(2), listen(2), select(2), socket(2)

HISTORY

     The accept() function appeared in 4.2BSD.

4.2 Berkeley Distribution					 December 11, 1993					 4.2 Berkeley Distribution
All times are GMT -4. The time now is 08:27 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy