Login or Register to Ask a Question and Join Our Community


UNIX for Advanced & Expert Users

How iptables directs to localhost in this series of iptable rules

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums UNIX for Advanced & Expert Users How iptables directs to localhost in this series of iptable rules
# 8  
Old 11-04-2011
Quote:
Originally Posted by otheus
Did you look at the flowchart/visuals i linked to?
Haven't had a chance to sit down with it yet, but I'm eager to do so, because I have it conceptually in my head, but am looking at it from every angle I can so I can really "get it."

Thanks,
Narnie
Login or Register to Ask a Question

Previous Thread | Next Thread

9 More Discussions You Might Find Interesting

1. IP Networking

iptables - formatting icmp rules

Hi, I am relatively new to firewalls and netfilter. I have a Debian Stretch router box running dnsmasq, connected to a VPN. Occasionally dnsmasq polls all of the desired DNS servers to select the fastest. When it does this it responds to replies of the non-selected DNS servers with a icmp type... (0 Replies)
Discussion started by: CrazyDave
0 Replies

2. Cybersecurity

Need help for iptables rules

Hello, I did 2 scripts. The second one is, I hope, more secure. What do you think? Basic connection (no server, no router, no DHCP and the Ipv6 is disabled) #######script one #################### iptables -F iptables -X -t filter iptables -P INPUT DROP iptables -P FORWARD... (6 Replies)
Discussion started by: Thomas342
6 Replies

3. UNIX for Advanced & Expert Users

iptables help with rules

Hi, I've been struggling with this all morning and seem to have a blind spot on what the problem is. I'm trying to use iptables to block traffic on a little cluster of raspberry pi's but to allow ssh and ping traffic within it. The cluster has a firewall server with a wifi card connecting to... (4 Replies)
Discussion started by: steadyonabix
4 Replies

4. Proxy Server

IPtable rules for DNS/http/https traffic for specific hosts only, not working.

Hi there, I have a VPS and am working on a little side project for myself and friend which is a DNS proxy. Everything was great till recently. My VPS IP has been detected by some botnet or something, and I believe SMURF attacks are occuring. The VPS provider keeps shutting down my VPS... (3 Replies)
Discussion started by: phi0x
3 Replies

5. Web Development

$_SERVER['DOCUMENT_ROOT'] directs to /var/www not ~/public_html

Hi all, Exactly like my title says. I am learning PHP and MySQL and I used to use /var/www/ to host (contain or store) my files (.htm/.php) for testing. I could configure, finally, apache2 to use ~/public_html instead. Now I when I tried to use $_SERVER it still directs (I used echo to show... (7 Replies)
Discussion started by: faizlo
7 Replies

6. Red Hat

iptables Rules for my network

Hi Champs i am new in Iptables and trying to write rules for my Samba server.I took some help from internet, created one script and run from rc.local : #Allow loopback iptables -I INPUT -i lo -j ACCEPT # Accept packets from Trusted network iptables -A INPUT -s my-network/subnet -j... (0 Replies)
Discussion started by: Vaibhav.T
0 Replies

7. Ubuntu

iptables rules (ubuntu)

Could someone help me with writing rules for iptables? I need a dos attacks protection for a game server. port type udp ports 27015:27030 interface: eth0 Accept all packets from all IPs Chek if IP sent more than 50 packets per second Drop all packets from this IP for 5 minutes I would be... (0 Replies)
Discussion started by: Greenice
0 Replies

8. Cybersecurity

Editing rules on iptables

Hello, I was playing around with iptables to setup an isolated system. On a SLES10 system, I ran the below to setup my first draft of rules. I noticed that the rules come into effect immediately and do not require any restart of iptables. iptables -A INPUT -j ACCEPT iptables -A OUTPUT -m... (4 Replies)
Discussion started by: garric
4 Replies

9. IP Networking

Iptables rules at boot

Hi I have small home network and I want to block some forums on web When I use this iptables -A INPUT -s forum -j DROP rules is applied but when I restart some of PC rules are not present any more also I tried to save firewall settings iptables-save > /root/dsl.fw but how to... (2 Replies)
Discussion started by: solaris_user
2 Replies
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

dansguardian

DANSGUARDIAN(8) 						   dansguardian 						   DANSGUARDIAN(8)

NAME

       DansGuardian2 - web content filter

SYNOPSIS

       dansguardian [ -c config-file ] [ -v ] [ -h ] [ -N ] [ -q ] [ -Q ] [ -s ] [ -r ] [ -g ]

SUMMARY

       DansGuardian  is  a web content filtering proxy(1) for Linux, NetBSD, FreeBSD, OpenBSD, and Solaris that uses Squid(2) to do all the fetch-
       ing.

       It filters using multiple methods. These methods include URL and domain filtering, content phrase filtering, PICS filtering, MIME type fil-
       tering, file extension filtering, POST limiting and content (AV) scanning.

       The content phrase filtering will check for pages that contain profanities and phrases often associated with pornography and other undesir-
       able content.  The POST filtering allows you to block or limit web uploads.  The URL and domain filtering is able to handle huge lists  and
       is significantly faster than squidGuard.

       Content	scanning enables downloaded content to be passed through ClamD, KAVD, any local program with machine-parseable console output, and
       any other AV scanner available as an ICAP server.

       The filtering has configurable domain, user and source IP exception lists.  SSL tunneling is  supported;  however,  due	to  the  encrypted
       nature  of  HTTPS  requests, filtering is only supported on destination domain.	The configurable logging produces a log in an easy to read
       format which has the option to only log the text-based pages, thus significantly reducing redundant information such as every  image  on  a
       page.

       DansGuardian is under continuous development and so it is best to visit the web site for the latest information.

	(1) Technically DansGuardian is more of a filtering pass-through than a true proxy - but don't let that worry you!

	(2) DansGuardian should work with any proxy, not just Squid. For example, it is known to work with Oops.

DOCUMENTATION

       For all further information including copyright, support, FAQ, docs, mailing list - please go to:

	 http://dansguardian.org/
	 Mirror: http://dansguardian.intmain.com/

       Available documentation can be found at
	http://www.dansguardian.org/?page=documentation

       The DansGuardian FAQ is at http://www.dansguardian.org/?page=faq

       Some useful HOWTOs that cover specific implimentations of DansGuardian and caching/filtering in general can be found at
	http://www.dansguardian.org/?page=howto

       Information about Debian specific changes and configuration can be found in /usr/share/doc/dansguardian/changelog.Debian.gz .

OPTIONS

       -c config-file
	      Use the given config-file.

       -v     gives the version number and build options.

       -h     Output a short summary of available command line options.

       -N     Do not go into the background.

       -q     causes DansGuardian to kill any running copy.

       -Q     kill any running copy AND start a new one with current options.

       -s     shows the parent process PID and exits.

       -r     closes all connections and reloads config files by issuing a HUP, but this does not reset the maxchildren option (amongst others).

       -g     gently restarts by not closing all current connections; only reloads filter group config files. (Issues a USR1)

COPYRIGHT

       DansGuardian is copyright Daniel Barron 2001.

	 daniel@jadeb.com

Daniel Barron							     Oct 2008							   DANSGUARDIAN(8)