|
|
Sponsored Content
Top Forums
UNIX for Advanced & Expert Users
Linux bridged firewall - monitor traffic & block IP
Post 302785163 by coolatt on Monday 25th of March 2013 03:35:01 AM
03-25-2013
Linux bridged firewall - monitor traffic & block IP
|
|
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi folks,
Lately my RS 6000 server is giving some problems.
Needs a reboot from time to time (4-8 days):mad:
Specs:
IBM/RS6000
Unix 4.3
3 gigabyte memory
I keep getting messages like :
" The fork function failed "
I have raised the paging space from 1 gigabyte to 3 gigabyte,... (2 Replies)
Discussion started by: Erik Rooijmans
2 Replies
2. UNIX for Dummies Questions & Answers
I've got a problem site that I need to block all referrers, but if possible, I'd really like to ban all ip's at the same time so that they can't figure out a way around it.
Any ideas? (4 Replies)
Discussion started by: osoamor
4 Replies
3. Linux
Hi,
I will like to allow access to the mysql port (3306) to certain IP address. All other IP's should be automatically blocked. What is the best way to do this? (8 Replies)
Discussion started by: shantanuo
8 Replies
4. Shell Programming and Scripting
Hi everybody. I have the next scenary:
eth0: WAN
eth1: DMZ
eth2: LAN
I need to block all incoming trafic from the internet through my network LAN using iptables. I have squid but i need to do this using ipatbles.
I have been listening about iptables -A FORDAWARD but I am stuck right... (0 Replies)
Discussion started by: edeamat
0 Replies
5. Red Hat
How to monitor network device traffic using MRTG?
How can I add network devices in MRTG configuration to monitor? (2 Replies)
Discussion started by: manalisharmabe
2 Replies
6. IP Networking
I have a LAN for users 192.0.3.0
I have a WAN for servers 192.0.0.0
I have a iptables capable router with a static route from 192.0.3.0 to 192.0.0.0
my problem is SMB file sharing traffic is leaking on to our 192.0.0.0 and causing congestion. I only have one printer IP address that needs... (13 Replies)
Discussion started by: herot
13 Replies
7. Solaris
Hi All
We have T4-4 Server with 2 HBA configured for SAN connectivity. We want to monitor Data traffice going through these HBA. On other AIX system we have that capability with nmon. Following screen shows nmon HBA monitoring can we achieve same in Solaris 10.
... (1 Reply)
Discussion started by: uxravi
1 Replies
8. UNIX and Linux Applications
Hi Team,
I am facing issue while using Xalan & Xerces for my application.
Below are my environment details i am using :-
Platform:- Oracle Linux 6.6
Compiler :- solarisstudio12.3 C++ compiler for Linux
Below are the versions of Xalan & Xerces source code used to build the shared object... (0 Replies)
Discussion started by: agrachirag
0 Replies
9. IP Networking
My son does homework on a school laptop. I was thinking about setting up a gateway on my home network, so that I can monitor web traffic and know if he is doing his homework without standing over his shoulder. Ideally I would like to use the Raspberry Pi Model b that I already have. However, I... (15 Replies)
Discussion started by: gandolf989
15 Replies
10. Shell Programming and Scripting
Below is what i did to open the firewall port on
# sudo firewall-cmd --zone=public --add-port=27012/tcp --permanent
Warning: ALREADY_ENABLED: 27012:tcp
success
# sudo firewall-cmd --reload
success
# firewall-cmd --list-all
public
target: default
icmp-block-inversion: no
... (10 Replies)
Discussion started by: mohtashims
10 Replies
LEARN ABOUT DEBIAN
shorewall-routestopped
SHOREWALL-ROUTESTOP(5) [FIXME: manual] SHOREWALL-ROUTESTOP(5) NAME
routestopped - The Shorewall file that governs what traffic flows through the firewall while it is in the 'stopped' state. SYNOPSIS
/etc/shorewall/routestopped DESCRIPTION
This file is used to define the hosts that are accessible when the firewall is stopped or is being stopped. Warning Changes to this file do not take effect until after the next shorewall start or shorewall restart command. The columns in the file are as follows (where the column name is followed by a different name in parentheses, the different name is used in the alternate specification syntax). INTERFACE - interface Interface through which host(s) communicate with the firewall HOST(S) (hosts) - [-|address[,address]...] Optional. Comma-separated list of IP/subnet addresses. If your kernel and iptables include iprange match support, IP address ranges are also allowed. If left empty or supplied as "-", 0.0.0.0/0 is assumed. OPTIONS - [-|option[,option]...] Optional. A comma-separated list of options. The order of the options is not important but the list can contain no embedded whitespace. The currently-supported options are: routeback Set up a rule to ACCEPT traffic from these hosts back to themselves. Beginning with Shorewall 4.4.9, this option is automatically set if routeback is specified in shorewall-interfaces[1] (5) or if the rules compiler detects that the interface is a bridge. source Allow traffic from these hosts to ANY destination. Without this option or the dest option, only traffic from this host to other listed hosts (and the firewall) is allowed. If source is specified then routeback is redundant. dest Allow traffic to these hosts from ANY source. Without this option or the source option, only traffic from this host to other listed hosts (and the firewall) is allowed. If dest is specified then routeback is redundant. notrack The traffic will be exempted from conntection tracking. PROTO (Optional) - protocol-name-or-number Protocol. DEST PORT(S) (dport) - service-name/port-number-list Optional. A comma-separated list of port numbers and/or service names from /etc/services. May also include port ranges of the form low-port:high-port if your kernel and iptables include port range support. SOURCE PORT(S) (sport) - service-name/port-number-list Optional. A comma-separated list of port numbers and/or service names from /etc/services. May also include port ranges of the form low-port:high-port if your kernel and iptables include port range support. Note The source and dest options work best when used in conjunction with ADMINISABSENTMINDED=Yes in shorewall.conf[2](5). EXAMPLE
Example 1: #INTERFACE HOST(S) OPTIONS PROTO DEST SOURCE # PORT(S) PORT(S) eth2 192.168.1.0/24 eth0 192.0.2.44 br0 - routeback eth3 - source eth4 - notrack 41 FILES
/etc/shorewall/routestopped SEE ALSO
http://shorewall.net/starting_and_stopping_shorewall.htm http://shorewall.net/configuration_file_basics.htm#Pairs shorewall(8), shorewall-accounting(5), shorewall-actions(5), shorewall-blacklist(5), shorewall-hosts(5), shorewall_interfaces(5), shorewall-ipsets(5), shorewall-maclist(5), shorewall-masq(5), shorewall-nat(5), shorewall-netmap(5), shorewall-params(5), shorewall-policy(5), shorewall-providers(5), shorewall-proxyarp(5), shorewall-rtrules(5), shorewall-rules(5), shorewall.conf(5), shorewall-secmarks(5), shorewall-tcclasses(5), shorewall-tcdevices(5), shorewall-tcrules(5), shorewall-tos(5), shorewall-tunnels(5), shorewall-zones(5) NOTES
1. shorewall-interfaces http://www.shorewall.net/manpages/shorewall-interfaces.html 2. shorewall.conf http://www.shorewall.net/manpages/shorewall.conf.html [FIXME: source] 06/28/2012 SHOREWALL-ROUTESTOP(5)