9 More Discussions You Might Find Interesting
1. IP Networking
Hi, I am relatively new to firewalls and netfilter. I have a Debian Stretch router box running dnsmasq, connected to a VPN. Occasionally dnsmasq polls all of the desired DNS servers to select the fastest. When it does this it responds to replies of the non-selected DNS servers with a icmp type... (0 Replies)
Discussion started by: CrazyDave
0 Replies
2. Cybersecurity
Hello,
I did 2 scripts. The second one is, I hope, more secure.
What do you think?
Basic connection (no server, no router, no DHCP and the Ipv6 is disabled)
#######script one
####################
iptables -F
iptables -X -t filter
iptables -P INPUT DROP
iptables -P FORWARD... (6 Replies)
Discussion started by: Thomas342
6 Replies
3. UNIX for Advanced & Expert Users
Hi,
I've been struggling with this all morning and seem to have a blind spot on what the problem is. I'm trying to use iptables to block traffic on a little cluster of raspberry pi's but to allow ssh and ping traffic within it.
The cluster has a firewall server with a wifi card connecting to... (4 Replies)
Discussion started by: steadyonabix
4 Replies
4. Proxy Server
Hi there,
I have a VPS and am working on a little side project for myself and friend which is a DNS proxy. Everything was great till recently. My VPS IP has been detected by some botnet or something, and I believe SMURF attacks are occuring. The VPS provider keeps shutting down my VPS... (3 Replies)
Discussion started by: phi0x
3 Replies
5. Web Development
Hi all,
Exactly like my title says.
I am learning PHP and MySQL and I used to use /var/www/ to host (contain or store) my files (.htm/.php) for testing. I could configure, finally, apache2 to use ~/public_html instead.
Now I when I tried to use $_SERVER it still directs (I used echo to show... (7 Replies)
Discussion started by: faizlo
7 Replies
6. Red Hat
Hi Champs
i am new in Iptables and trying to write rules for my Samba server.I took some help from internet, created one script and run from rc.local :
#Allow loopback
iptables -I INPUT -i lo -j ACCEPT
# Accept packets from Trusted network
iptables -A INPUT -s my-network/subnet -j... (0 Replies)
Discussion started by: Vaibhav.T
0 Replies
7. Ubuntu
Could someone help me with writing rules for iptables?
I need a dos attacks protection for a game server.
port type udp
ports 27015:27030
interface: eth0
Accept all packets from all IPs
Chek if IP sent more than 50 packets per second
Drop all packets from this IP for 5 minutes
I would be... (0 Replies)
Discussion started by: Greenice
0 Replies
8. Cybersecurity
Hello,
I was playing around with iptables to setup an isolated system. On a SLES10 system, I ran the below to setup my first draft of rules. I noticed that the rules come into effect immediately and do not require any restart of iptables.
iptables -A INPUT -j ACCEPT
iptables -A OUTPUT -m... (4 Replies)
Discussion started by: garric
4 Replies
9. IP Networking
Hi
I have small home network and I want to block some forums on web
When I use this
iptables -A INPUT -s forum -j DROP
rules is applied but when I restart some of PC rules are not present any more also I tried to save firewall settings
iptables-save > /root/dsl.fw
but how to... (2 Replies)
Discussion started by: solaris_user
2 Replies
ipkungfu(8) System Manager's Manual ipkungfu(8)
NAME
ipkungfu - An iptables-based firewall for Linux
SYNOPSIS
ipkungfu [ -c ] [ -t ] [ -d ] [ -h ] [ -v ] [ --quiet ] [ --panic ] [ --no-caching
DESCRIPTION
ipkungfu is an iptables-based Linux firewall. The primary design goals are security, ease of use, and performance, in that order. It takes
advantage of advanced features of iptables, tcpwrappers, and the Linux kernel. It also simplifies the configuration of internet connection
sharing, advanced routing, and other networking needs.
OPTIONS
-c (or --check)
Check whether ipkungfu is loaded, and report any command line options it may have been loaded with.
-t (or --test)
Runs a configuration test, and displays the results. Note that this does not test or display all configuration options. This
gives you an opportunity to verify that major configuration options are correct before putting them into action.
-d (or --disable)
Disables the firewall. It is important to know exactly what this option does. All traffic is allowed in and out, and in the
case of a gateway, all NATed traffic is forwarded (the option retains your connection sharing options). Custom rules are not
implemented, and deny_hosts.conf is ignored.
-f (or --flush)
Disables the firewall COMPLETELY. All rules are flushed, all chains are removed. Any port forwarding or internet connection
sharing will cease to work.
-h (or --help)
Displays brief usage information and exits.
-v (or --version)
Displays version information and exits.
--quiet Runs ipkungfu with no standard output
--panic Drops ALL traffic in all directions on all network interfaces. You should probably never use this option. The --panic option
is available for the highly unusual situation where you know that an attack is underway but you know of no other way to stop
it.
--failsafe If ipkungfu fails, --failsafe will cause all firewall policies to revert to ACCEPT. This is useful when working with ipkungfu
remotely, to prevent loss of remote access due to firewall failure.
--no-caching
Disables rules caching feature.
FILES
/etc/ipkungfu/ipkungfu.conf
/etc/ipkungfu/advanced.conf
/etc/ipkungfu/accept_hosts.conf
/etc/ipkungfu/deny_hosts.conf
/etc/ipkungfu/custom.conf
/etc/ipkungfu/log.conf
/etc/ipkungfu/redirect.conf
/etc/ipkungfu/services.conf
/usr/sbin/ipkungfu
/usr/share/doc/ipkungfu/AUTHORS
/usr/share/doc/ipkungfu/README
/usr/share/doc/ipkungfu/FAQ
/usr/share/doc/ipkungfu/ChangeLog
/usr/share/doc/ipkungfu/COPYING
SEE ALSO
iptables(8).
January 2003 ipkungfu(8)