Skip to main content
Unix & Linux

Questions tagged [iptables]

Ask Question

iptables allow creation of rules to define packet filtering behavior. The most reliable way to provide an iptables ruleset in a question is with the output of (as root): iptables-save -c

904 questions with no upvoted or accepted answers
Newest Active Bountied Unanswered
6 votes
0 answers
4k views

I have a Linux box with these interfaces: eth0 Link encap:Ethernet HWaddr 14:da:e9:ef:75:7d inet addr:176.9.85.182 Bcast:176.9.85.191 Mask:255.255.255.224 tun0 Link encap:UNSPEC ...
steved's user avatar
  • 61
6 votes
3 answers
3k views

I am looking to create a load balancing server. Essentially here is what I want to do: I have a public IP address, lets say 1.1.1.1 I have a second public IP address, lets say 2.2.2.2. I have a ...
Matthew St Nicholas Iverson's user avatar
  • 69
5 votes
0 answers
3k views

I tried to use firewalld instead of ufw, but it keeps showing the following errors even after manually downloading python-nftables through sudo apt install iptables is not being used. $ systemctl ...
Nimbus's user avatar
  • 51
5 votes
0 answers
3k views

I have a custom systemd service which I want to restrict to the local interface. On ctrl.blog systemd application firewalls examples I found that it should be possible to achieve this using only the ...
staxyz's user avatar
  • 649
5 votes
0 answers
4k views

I'm trying to use iptables to load balance web traffic over multiple DSL lines by marking the packets and routing based on the mark. I'm working with CentOS 6.6, Kernel 2.6.32-504.16.2.el6.x86_64, ...
NudeRaider's user avatar
  • 51
5 votes
1 answer
2k views

I have a sytem with three network interfaces. Below is the configuration that I'm trying to set up. wlan0 (its actually an WiFi AP interface) - other devices connects via this interface. net1 - ...
Ashgang's user avatar
  • 51
5 votes
0 answers
4k views

I have a set of rules that are supposed to give me the most protection before things like fail2ban and other things are added to the mix. The issue is that although everything checks out in the test, ...
Quantum's user avatar
  • 771
5 votes
0 answers
1k views

I wrote this rule to change all udp destination IP addresses to 8.8.8.8 when dport is 53: iptables -t nat -A OUTPUT -p udp -m udp --dport 53 -j DNAT --to-destination 8.8.8.8 The rule worked when I ...
Baba's user avatar
  • 3,489
4 votes
2 answers
2k views

I've been running fail2ban for a bit, and recently installed iptables-persistent and am using it with ipset for a blacklist (there's one particular IP that is always hammering away at this machine). ...
zzxyz's user avatar
  • 339
4 votes
1 answer
278 views

I have all the traffic coming on port 22. I chose a random port 221 on which i want all of the traffic to be routed. This is the rule i used iptables -t nat -A PREROUTING -p tcp --dport 22 -j ...
user288351's user avatar
  • 41
4 votes
0 answers
685 views

Using the arpspoof command I have created a MITM attack on another device. I would now like to forward the traffic through an SSH tunnel (SOCKS5 Proxy). Heres an example.... Client 1-----MITM----->...
user7886229's user avatar
  • 221
4 votes
0 answers
1k views

In case of IPv4 we have net.ipv4.conf.all.send_redirects flag, but it's not available for IPv6. Is there anything better than this? ip6tables -A OUTPUT -p icmpv6 --icmpv6-type redirect -j DROP For ...
h31's user avatar
  • 41
4 votes
0 answers
3k views

Given 3 ethernet interfaces, I'd like to accomplish this: eth0 -> WAN eth1 -> EAPoL authenticator eth2 -> IP Nat to private network In this scenario, I would like ebtables to filter and ...
RandomUser's user avatar
  • 163
4 votes
0 answers
197 views

My system's set to send only a particular user's traffic through a vpn (via iptables and --uid-owner). It works fine, but that user's DNS leaks onto the open net. Any way to send only one user's DNS ...
iPherian's user avatar
  • 141
4 votes
0 answers
454 views

I have an Access Point with OpenWrt. On other host of the same LAN there is a squid (IP Address 192.168.80.148). I'd like to route packages with destination port 80 to 192.168.80.148. So I have root@...
sebelk's user avatar
  • 4,689

15 30 50 per page
1
2 3 4 5
61