Hi
I have a small home network and I want to block some forums on the web.
When I use this
iptables -A INPUT -s forum -j DROP
the rules are applied, but when I restart some of the PCs the rules are not present any more. I also tried to save the firewall settings
iptables-save > /root/dsl.fw
but how to... (2 Replies)
Please, I need help with how to add/remove rules in timezone files under /usr/share/zoneinfo/, because I have tried many times to do this by adding rules to a time zone file, then compiling this file with the zic tool and then linking it to /etc/localtime, but the output never matches what I have made... (0 Replies)
Hello,
I was playing around with iptables to set up an isolated system. On a SLES10 system, I ran the commands below to set up my first draft of rules. I noticed that the rules come into effect immediately and do not require any restart of iptables.
iptables -A INPUT -j ACCEPT
iptables -A OUTPUT -m... (4 Replies)
Hello,
I'm having a problem with an iptables rule. It seems that on one of two systems, the INPUT chain doesn't exist in the nat table for some strange reason.
I get the error below:
# iptables -t nat -A INPUT -j ACCEPT
iptables: No chain/target/match by that name.
Here is my kernel on... (0 Replies)
Hi,
I am new to Linux stuff. I want to use Linux iptables to configure a rule so that all my incoming traffic with protocol "tcp" is forwarded to the "FORWARD CHAIN". The traffic I am dealing with has the destination address of my machine, but I want to block it from coming to the input chain and somehow... (0 Replies)
Could someone help me with writing rules for iptables?
I need DoS attack protection for a game server.
port type udp
ports 27015:27030
interface: eth0
Accept all packets from all IPs
Check if an IP sent more than 50 packets per second
Drop all packets from this IP for 5 minutes
I would be... (0 Replies)
Hi Champs
I am new to iptables and am trying to write rules for my Samba server. I took some help from the internet, created one script and run it from rc.local:
#Allow loopback
iptables -I INPUT -i lo -j ACCEPT
# Accept packets from Trusted network
iptables -A INPUT -s my-network/subnet -j... (0 Replies)
I want to SSH to the 192.168.1.15 server from my machine; my IP was 192.168.1.99
Source Destination was UP, with IP 192.168.1.15.
This is a LAN network; there are 30 machines connected to the network and working fine. I'm playing around with the local machines because I need to apply the same rules in... (2 Replies)
Hi,
I've been struggling with this all morning and seem to have a blind spot on what the problem is. I'm trying to use iptables to block traffic on a little cluster of Raspberry Pis but to allow ssh and ping traffic within it.
The cluster has a firewall server with a wifi card connecting to... (4 Replies)
Hello,
I did 2 scripts. The second one is, I hope, more secure.
What do you think?
Basic connection (no server, no router, no DHCP and IPv6 is disabled)
#######script one
####################
iptables -F
iptables -X -t filter
iptables -P INPUT DROP
iptables -P FORWARD... (6 Replies)
Discussion started by: Thomas342
6 Replies
ashunt
ashunt(8) netsniff-ng-toolkit ashunt(8)
NAME
ashunt - Autonomous System (AS) trace route utility
SYNOPSIS
ashunt -H|--host <host> -i|-d|--dev <dev> [-6|--ipv6] [-n|--numeric] [-N|--dns] [-f|--init-ttl <ttl>] [-m|--max-ttl <ttl>]
[-q|--num-probes] [-x|--timeout <sec>] [-S|--syn] [-A|--ack] [-F|--fin] [-P|--psh] [-U|--urg] [-R|--rst] [-E|--ecn-syn] [-t|--tos
<tos>] [-G|--nofrag] [-X|--payload <string>] [-Z|--show-packet] [-l|--totlen <len>] [-w|--whois <server>] [-W|--wport <port>]
[--city-db <path>] [--country-db <path>] [-v|--version] [-h|--help]
DESCRIPTION
This program provides AS information on each hop between the client and the target host.
EXAMPLES
ashunt -i eth0 -N -E -H netsniff-ng.org
IPv4 trace of AS with TCP ECN SYN probe
ashunt -i eth0 -N -S -H netsniff-ng.org
IPv4 trace of AS with TCP SYN probe
ashunt -i eth0 -N -F -H netsniff-ng.org
IPv4 trace of AS with TCP FIN probe
ashunt -i eth0 -N -FPU -H netsniff-ng.org
IPv4 trace of AS with Xmas probe
ashunt -i eth0 -N -H netsniff-ng.org -X "censor-me" -Z
IPv4 trace of AS with Null probe with ASCII payload
ashunt -6 -S -i eth0 -H netsniff-ng.org
IPv6 trace of AS up to netsniff-ng.org
OPTIONS
-h|--help
Print help text and list all options.
-v|--version
Print version.
-H|--host <host>
Host/IPv4/IPv6 to look up AS route to
-i|-d|--dev <netdev>
Networking device, e.g. eth0
-p|--port <port>
Host's port to look up AS route to
-4|--ipv4
Use IPv4 requests (default)
-6|--ipv6
Use IPv6 requests
-n|--numeric
Do not do reverse DNS lookup for hops
-N|--dns
Do a reverse DNS lookup for hops
-f|--init-ttl <ttl>
Set initial TTL
-m|--max-ttl <ttl>
Set maximum TTL (default: 30)
-q|--num-probes <num>
Number of max probes for each hop (default: 3)
-x|--timeout <sec>
Probe response timeout in sec (default: 3)
-S|--syn
Set TCP SYN flag in packets
-A|--ack
Set TCP ACK flag in packets
-F|--fin
Set TCP FIN flag in packets
-P|--psh
Set TCP PSH flag in packets
-U|--urg
Set TCP URG flag in packets
-R|--rst
Set TCP RST flag in packets
-E|--ecn-syn
Send ECN SYN packets (RFC3168)
-t|--tos <tos>
Set the IP TOS field
-w|--whois <server>
Use a different AS whois DB server (default: /etc/netsniff-ng/whois.conf)
-W|--wport <port>
Use a different port to AS whois server (default: /etc/netsniff-ng/whois.conf)
--city-db <path>
Specify path for geoip city database
--country-db <path>
Specify path for geoip country database
AUTHOR
Written by Daniel Borkmann <daniel@netsniff-ng.org>
DOCUMENTATION
Documentation by Emmanuel Roullit <emmanuel@netsniff-ng.org>
BUGS
Please report bugs to <bugs@netsniff-ng.org>
2012-06-29 ashunt(8)