9 More Discussions You Might Find Interesting
1. IP Networking
Hi, I am relatively new to firewalls and netfilter. I have a Debian Stretch router box running dnsmasq, connected to a VPN. Occasionally dnsmasq polls all of the desired DNS servers to select the fastest. When it does this it responds to replies of the non-selected DNS servers with a icmp type... (0 Replies)
Discussion started by: CrazyDave
0 Replies
2. Cybersecurity
Hello,
I did 2 scripts. The second one is, I hope, more secure.
What do you think?
Basic connection (no server, no router, no DHCP and the Ipv6 is disabled)
#######script one
####################
iptables -F
iptables -X -t filter
iptables -P INPUT DROP
iptables -P FORWARD... (6 Replies)
Discussion started by: Thomas342
6 Replies
3. UNIX for Advanced & Expert Users
Hi,
I've been struggling with this all morning and seem to have a blind spot on what the problem is. I'm trying to use iptables to block traffic on a little cluster of raspberry pi's but to allow ssh and ping traffic within it.
The cluster has a firewall server with a wifi card connecting to... (4 Replies)
Discussion started by: steadyonabix
4 Replies
4. Proxy Server
Hi there,
I have a VPS and am working on a little side project for myself and friend which is a DNS proxy. Everything was great till recently. My VPS IP has been detected by some botnet or something, and I believe SMURF attacks are occuring. The VPS provider keeps shutting down my VPS... (3 Replies)
Discussion started by: phi0x
3 Replies
5. Web Development
Hi all,
Exactly like my title says.
I am learning PHP and MySQL and I used to use /var/www/ to host (contain or store) my files (.htm/.php) for testing. I could configure, finally, apache2 to use ~/public_html instead.
Now I when I tried to use $_SERVER it still directs (I used echo to show... (7 Replies)
Discussion started by: faizlo
7 Replies
6. Red Hat
Hi Champs
i am new in Iptables and trying to write rules for my Samba server.I took some help from internet, created one script and run from rc.local :
#Allow loopback
iptables -I INPUT -i lo -j ACCEPT
# Accept packets from Trusted network
iptables -A INPUT -s my-network/subnet -j... (0 Replies)
Discussion started by: Vaibhav.T
0 Replies
7. Ubuntu
Could someone help me with writing rules for iptables?
I need a dos attacks protection for a game server.
port type udp
ports 27015:27030
interface: eth0
Accept all packets from all IPs
Chek if IP sent more than 50 packets per second
Drop all packets from this IP for 5 minutes
I would be... (0 Replies)
Discussion started by: Greenice
0 Replies
8. Cybersecurity
Hello,
I was playing around with iptables to setup an isolated system. On a SLES10 system, I ran the below to setup my first draft of rules. I noticed that the rules come into effect immediately and do not require any restart of iptables.
iptables -A INPUT -j ACCEPT
iptables -A OUTPUT -m... (4 Replies)
Discussion started by: garric
4 Replies
9. IP Networking
Hi
I have small home network and I want to block some forums on web
When I use this
iptables -A INPUT -s forum -j DROP
rules is applied but when I restart some of PC rules are not present any more also I tried to save firewall settings
iptables-save > /root/dsl.fw
but how to... (2 Replies)
Discussion started by: solaris_user
2 Replies
DANSGUARDIAN(8) dansguardian DANSGUARDIAN(8)
NAME
DansGuardian2 - web content filter
SYNOPSIS
dansguardian [ -c config-file ] [ -v ] [ -h ] [ -N ] [ -q ] [ -Q ] [ -s ] [ -r ] [ -g ]
SUMMARY
DansGuardian is a web content filtering proxy(1) for Linux, NetBSD, FreeBSD, OpenBSD, and Solaris that uses Squid(2) to do all the fetch-
ing.
It filters using multiple methods. These methods include URL and domain filtering, content phrase filtering, PICS filtering, MIME type fil-
tering, file extension filtering, POST limiting and content (AV) scanning.
The content phrase filtering will check for pages that contain profanities and phrases often associated with pornography and other undesir-
able content. The POST filtering allows you to block or limit web uploads. The URL and domain filtering is able to handle huge lists and
is significantly faster than squidGuard.
Content scanning enables downloaded content to be passed through ClamD, KAVD, any local program with machine-parseable console output, and
any other AV scanner available as an ICAP server.
The filtering has configurable domain, user and source IP exception lists. SSL tunneling is supported; however, due to the encrypted
nature of HTTPS requests, filtering is only supported on destination domain. The configurable logging produces a log in an easy to read
format which has the option to only log the text-based pages, thus significantly reducing redundant information such as every image on a
page.
DansGuardian is under continuous development and so it is best to visit the web site for the latest information.
(1) Technically DansGuardian is more of a filtering pass-through than a true proxy - but don't let that worry you!
(2) DansGuardian should work with any proxy, not just Squid. For example, it is known to work with Oops.
DOCUMENTATION
For all further information including copyright, support, FAQ, docs, mailing list - please go to:
http://dansguardian.org/
Mirror: http://dansguardian.intmain.com/
Available documentation can be found at
http://www.dansguardian.org/?page=documentation
The DansGuardian FAQ is at http://www.dansguardian.org/?page=faq
Some useful HOWTOs that cover specific implimentations of DansGuardian and caching/filtering in general can be found at
http://www.dansguardian.org/?page=howto
Information about Debian specific changes and configuration can be found in /usr/share/doc/dansguardian/changelog.Debian.gz .
OPTIONS
-c config-file
Use the given config-file.
-v gives the version number and build options.
-h Output a short summary of available command line options.
-N Do not go into the background.
-q causes DansGuardian to kill any running copy.
-Q kill any running copy AND start a new one with current options.
-s shows the parent process PID and exits.
-r closes all connections and reloads config files by issuing a HUP, but this does not reset the maxchildren option (amongst others).
-g gently restarts by not closing all current connections; only reloads filter group config files. (Issues a USR1)
COPYRIGHT
DansGuardian is copyright Daniel Barron 2001.
daniel@jadeb.com
Daniel Barron Oct 2008 DANSGUARDIAN(8)