Questions tagged [iptables]
iptables is a module that provides the Linux operating system with firewall, NAT, and logging functions for data traveling over a computer network.
1,958 questions
0 votes, 0 answers, 34 views
iptables: drop all packets that don't match a destination port
Advice
iptables netfilter
I want to drop all packets (from interface wg0) that are not coming in on port 51821.
Claude told me to use the rules
iptables -A INPUT -i wg0 -p udp --dport 51821 -j ACCEPT
...
6 votes, 2 answers, 188 views
How to connect wlan1 hotspot to a Docker container?
I have a Docker container at 172.30.0.2/24, and a wlan1 wifi dongle with a hotspot SSID, at address 10.42.0.1/24, with a device that is supposed to connect to the docker container.
If I put the ...
0 votes, 0 answers, 101 views
How do I route all traffic from one interface to another on Linux?
wg-quick has created some routes/rules that route ALL traffic to wg0 and I want to override this so that all incoming traffic from the eth0 interface is routed to the wg0 (wireguard) interface, while ...
1 vote, 1 answer, 85 views
Why is my VPN access point on a Raspberry Pi not working? Clients don't have internet access
I’m building a Raspberry Pi 3B as a Wi-Fi AP/gateway. The specs are:
Raspberry Pi OS 64-bit (Debian Trixie-based), kernel 6.12.47+rpt-rpi-v8
The Goal: Route Wi-Fi clients only through a VPN interface (...
1 vote, 0 answers, 83 views
How do I allow clients to connect to my local net with WireGuard while still being able to use Proton as a VPN?
I have two WireGuard interfaces:
wg0 that my clients connect to.
wg-proton that the server connects to.
When I wg-quick up wg0 my clients can connect normally and they act as if they are on my local ...
2 votes, 0 answers, 49 views
Why is my WireGuard multi-hop configuration not working as expected?
I've created a WireGuard hub to handle connections pointed at my home lab as well as redirecting traffic to the internet through another peer. As my mobile phone/devices can leverage a traditional VPN ...
1 vote, 0 answers, 58 views
Why can't I get an IPTables redirect rule to work?
I'm working with a network router which runs this Linux firmware
Linux SNR-CPE-ME2-SFP-Lite 3.4.113.185 #1 SMP Wed Mar 19 13:55:06 +05 2025 mips GNU/Linux
I'm trying to set up a traffic redirection ...
1 vote, 1 answer, 59 views
Trouble with Iptables using recent module
I have a web server that uses an additional RESTful server on a different port. I would like to allow traffic to the RESTful server only after a connection to the main server has been established. To ...
0 votes, 0 answers, 43 views
Internet <--- Wi-Fi USB Card (wlo1) + workstation (Fedora 42) + VPN (OpenVPN) ---> LAN card (enp0s25) ---> wire ---> AP (Wi-Fi) = VPN + Wi-Fi
I have my hardware connected like this:
Internet <--- Wi-Fi USB Card (wlo1) + workstation (Fedora 42) + VPN (OpenVPN) ---> LAN card (enp0s25) ---> wire ---> AP (Wi-Fi) = VPN + Wi-Fi
When I ...
1 vote, 1 answer, 57 views
How to mirror a server using iptables?
So, I know that it's a fairly common problem (albeit mine is a bit different from usual), but I still can't get it to work. What I want:
Let's say there's a remote server (we'll call it REMOTE), and I ...
1 vote, 1 answer, 103 views
How to connect an OpenVPN client to a port redirected site?
I have a Linux box A as a NAT server. I have set up an internal server B under A to provide a web (HTTPS) service through port redirection from A, i.e.,
A: hostname: A.host.name,
public IP: 140.XXX....
1 vote, 1 answer, 628 views
How to limit (firewall / iptable like rules) the network access that a rootless podman container has to the world and vice versa, without sudo?
I have a rootless Podman container that is going to run, from my Ubuntu user machine, some critical code that is security sensitive, has access to secrets within the container, etc. For security ...
-1 votes, 1 answer, 245 views
How to isolate warp with netns and connect it to a docker container?
What is the usual way to manage external network namespaces that aren't handled by Docker?
My goal is to use Cloudflare Warp as the container's network connection. However, I want to avoid running ...
1 vote, 1 answer, 179 views
How to route traffic from a Docker container to a local port?
I would like to route traffic from a container to a local host port. I can not use the port exposure command line option for docker run, because the port is already in use.
Conceptually, with the ...
0 votes, 0 answers, 52 views
Can't reach my site on WireGuard server and client
I set up a home server and am done via WireGuard, as my ISP is CGNAted. Everything is working fine, and my sites are accessible to mobiles and other non-WireGuard clients. But I can't reach my site on ...