Questions tagged [iptables]
iptables allows the creation of rules to define packet filtering behavior. The most reliable way to provide an iptables ruleset in a question is with the output of (as root): iptables-save -c
2,703 questions
0
votes
0
answers
40
views
Docker iptables behavior
I have two Redhat 8 virtual machines. I'm running Docker on both, in this case as a host for the application called Graphite.
The VMs started out identical to each other, and I pulled the same Docker ...
1
vote
2
answers
36
views
Relay IP between hosts
This might be a trivial question:
I have two hosts A and B that can access the internet behind NATs.
Their NATs do not allow for hole-punching or any other way to connect them directly.
Host C is a ...
0
votes
1
answer
44
views
iptables changes not having any effect [closed]
I was attempting to interrupt a TCP connection on my system, and was altering iptables rules using the iptables command.
Nothing I did seemed to have any effect, though. Inserting and deleting rules ...
1
vote
2
answers
152
views
Drop all packets sent to localhost and particular port
I want to drop all packets sent to a particular port. I first tried using firewalld/iptables-nft settings but that failed (maybe they're being processed by the kernel only?).
I succeeded in blocking ...
2
votes
1
answer
86
views
How to enable internet access for a bridge inside a Linux network namespace?
I've created two Linux network namespaces (ns1 and ns2), and inside each, I have:
A bridge (ns1-br0, ns2-br0)
A TAP device (tap0, tap1) connected to the respective bridge
Each TAP device gets an IP ...
0
votes
1
answer
192
views
Allow specific IP addresses through iptables with Wireguard
I have a number of self hosted services on my home server, running Arch Linux.
Context
A number of these are held in Docker containers (each with their own Docker compose file), though one (Jellyfin) ...
1
vote
0
answers
56
views
How packet can get lost between filter INPUT and security INPUT chains of iptables?
From this flowchart https://stuffphilwrites.com/wp-content/uploads/2024/05/FW-IDS-iptables-Flowchart-v2024-05-22.png I know that packet goes from the INPUT chain of the filter table right into the ...
0
votes
1
answer
125
views
route traffic to 127.0.0.1
My scenario:
I have two machines:
192.168.1.1
192.168.1.2
Machine 2 has a ssh server and I created a tunnel in machine 1 such as:
ssh -CfND 7777 [email protected] -4
I ran above command in machine ...
0
votes
1
answer
54
views
Iptables does not apply drop policy for other ports
I'm running a server where iptables is configured with a default DROP policy and I’ve only explicitly allowed certain ports (e.g., HTTP, HTTPS, SSH on port 22, etc.). Despite never adding a rule for ...
1
vote
0
answers
61
views
Is it possible to route GTP traffic in Linux?
I want to be able to route GTP-U traffic that arrives to my Linux through two different interfaces. However, I want to route it using information inside the tunnel: inner IP addresses. My machine is ...
1
vote
0
answers
44
views
What does the phrase "consider native interface" refer to when the nftables wiki says that xt_bpf match is unsupported
In this list of unsupported xtables features, xt_bpf is listed as one of the unsupported features. The comment says to "consider native interface". But what interface is being referred to ...
3
votes
1
answer
229
views
Why can't I connect a network namespace to the Internet?
I've seen other answers on this site and read an article and watched a video on the topic, but I still can't connect my network namespace to the outside world.
Setup
I created a namespace named "...
1
vote
2
answers
133
views
IPIP tunnel between two docker containers on separate servers
Thank you in advance for your attention to my question and your help.
I have a rather specific task. I need to set up an IPIP tunnel between two Docker containers located on different physical servers....
0
votes
1
answer
182
views
Upgraded k8 worker node from ubuntu 20.04 to 22.04. DNS resolution/networking inside pods doesn’t work & pods keep crashing/restarting
I have a k8 cluster based on Ubuntu 20.04
1 master and 3 worker nodes.
I drained one of the worker nodes. Put kubectl, iptables, kubeadm, kubelet & containerd packages on hold.
OS upgrade to 22.04, ...
0
votes
1
answer
165
views
How to set `iptables` so NTP works while internet access is blocked
I want to configure iptables such that it blocks everything except
Date time synchronization over the internet using NTP and
Access from machines in the LAN.
I wrote the following script:
# Reset ...