Iptables Not Working
After I start iptables:
service iptables start
There is not any message coming up.
When use
service iptables status,
It said:
iptables: Firewall is not running.
My os is fedora core 6
View Complete Thread with Replies
Sponsored Links:
Related Forum Messages:
Iptables Not Working With CSF
I have CSF installed on one of our server. CSF dont ban the IP and if manually it is done I get following error. ---------------- csf -d 195.88.65.47 Adding 195.88.65.47 to csf.deny and iptables DROP... iptables: Index of insertion too big DROP all opt -- in !lo out * 195.88.65.47 -> 0.0.0.0/0 Error: iptables command [/sbin/iptables -v -I INPUT 2 -i ! lo -s 195.88.65.47 -j DROP] failed, at line 864 ------------------- Also iptables is not running on server. If status is checked it says its stopped. I have many sites on my server I dont want to get any downtime. Please let us know how can we fix this issue as soon as possible. I have tried reinstall CSF but still the issue remains same.
View Replies!
View Related
Iptables Block An IP Not Working
I use iptables -I INPUT -s 60.216.238.212 -j DROP To block ip, not working After issue netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n I can still see 87 218.86.252.158 163 219.150.191.62 301 60.216.238.212 60.216.238.212 still has 301 connection, any idea. Basically, I use ddos-deflate to block ddos attack. I already set the max conection to 25. But it seems not working. all the connections over 25 have not been blocked. Did I miss something? I mean after I issue iptables -I INPUT -s 60.216.238.212 -j DROP Do I need to do something like refresh iptables?
View Replies!
View Related
Connection State ESTABLISHED,RELATED Is Not Working In My Iptables
connection state ESTABLISHED,RELATED is not working in my iptaables...? Accept If input interface is lo Accept If state of connection is ESTABLISHED,RELATED Drop If protocol is ICMP Accept If protocol is TCP and destination port is 80 Accept If protocol is TCP and destination port is 99 Accept If protocol is TCP and destination port is 25 Accept If protocol is TCP and destination port is 110 Accept If protocol is TCP and destination port is 10000 Accept If protocol is TCP and destination port is 21 Accept If protocol is TCP and destination port is 30000:30500 Accept If protocol is UDP and destination port is 53 Accept If protocol is UDP and source port is 53 Accept If protocol is TCP and destination port is 445 Accept If protocol is TCP and destination port is 2390 this in my Incoming packets rules.. Outgoing packets are all accepted.. so if i made connection from the server the input rules shuld accept them because it is established and related connection.. But it wont work.. any ideas about it..? my vps is running on cent os 5.2 final.. and the control panel is webmin.
View Replies!
View Related
After Flush+zero Iptables, Will A New Iptables Ban Work
I execute the following commands, in the following order: iptables --flush iptables --zero iptables -A INPUT -s 218.65.12.161 -j DROP will that last command successfully ban that IP until reboot? If not, what needs to be done? I can't access my site if I don't flush + zero iptables first but I need to be able to ban with iptables.
View Replies!
View Related
Non-working Forwarding Email Account On Working Domain
I have a domain with a few forwarding email accounts that forward to mac.com email accounts... for some reason every once in a while these accounts stop working... This is the error I get when I email to that account: This message was created automatically by mail delivery software. A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed: ...
View Replies!
View Related
Iptables Gone
I am experiencing a strange problem with iptables: after in activate them, they are gone in a few minutes. For example, I drop traffic from an ip and after few seconds, all rules are flushed without touching anything!
View Replies!
View Related
IPTables
Is there a way for me to whitelist myself or something? I get up everyday and have to call LSN because my server has blocked me for some reason...
View Replies!
View Related
Iptables
If I keep getting spam from a certain IP, can I add that IP to Iptables? Will it stop me receiving spam from that IP? I'm not quite sure how it all works. Or what is the most effective method to stop spam?
View Replies!
View Related
IPTables
I've got two VPS's and both have the same ruleset for outbound EG_TCP Code: EGF="1" EG_TCP_CPORTS="21,25,37,43,53,80,110,113,123,443,873,2089,3306" EG_UDP_CPORTS="53,465,873,6277" Whenever I turn EGF to 1 my VPS locks me out of everything, I need togo into hyperVM to turn it off and restart my firewall. What would cause this? It's Fedora Core 5 on OpenVZ i've googled and cannot seem to find a reason why it would do that. Could be something in the host node kernel that may need adjusting?
View Replies!
View Related
Iptables
I am working with iptables and am trying to figure out the best ruleset for cpanel servers. I have a few custom ports for a few services, but other than that, does anyone have a recommended ruleset for the typical cpanel cluster?
View Replies!
View Related
Iptables
Do you find iptables enough or do you use a hardware firewall for linux? I haven't used anything less than hardware firewalls for years but I gather than most simply rely on iptables. Is that a smart choice?
View Replies!
View Related
IPTables
I got blocked by my server. Hivelocity helped me to gain access by my server. I was told that to avoid being blocked again I should type iptables -A INPUT 202.155.151.185 -j ACCEPT What I ended up was iptables -A INPUT 202.155.151.185 -j ACCEPT Bad argument `202.155.151.185' Try `iptables -h' or 'iptables --
View Replies!
View Related
Iptables !
i have code : 1. IF=`/sbin/route | grep -i 'default' | awk '{print$8}'` 2. IP=`/sbin/ifconfig $IF | grep "inet addr" | awk -F":" '{print$2}' | awk '{print $1}'` 3. IPT="/usr/sbin/iptables" 4. NET="any/0" 5. DNS="xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy" 6. SERV_TCP="22 80 443 " 7. SERV_UDP="53 123" 8. HI_PORTS="1024:65535" ........ i dont know line of 5's sense .I am must changed warrant is what?
View Replies!
View Related
Iptables
Code: # iptables -D INPUT -s 25.55.55.55 -j DROP iptables v1.3.8: Couldn't load target `standard':/usr/local/lib/iptables/libipt_standard.so: cannot open shared object file: No such file or directory What is going on? The libipt_standard.so file is located in /lib/iptables, but not /usr/local/lib/iptables. I tried moving all of the libipt files into the /usr/local/lib/iptables directory, but I got segmentation errors.
View Replies!
View Related
Cannot Load Iptables
# apf -r Unable to load iptables module (ip_tables), aborting. # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination # uname -a Linux servername 2.6.17.9 #1 SMP Sun Aug 27 17:08:11 ICT 2006 i686 athlon i386 GNU/Linux is there any reason that I cannot use iptables? If I edit monokern option in apf to 1, I cannot use ftp in passive mode
View Replies!
View Related
Flushing Iptables
I keep trying to flush my iptables on my linux server but every time i try to do so my server seems to freeze (i lose access and have to reboot it for it to come back online), how can I go about deleting those ips manually rather than executing the flushing command? what options do I have?
View Replies!
View Related
Iptables Do Not Start
i create a template for xen ( hypervm ) from jailtime site. now i install iptables , but iptables do not work and when i enter " service iptables restart" , iptables do not start. ( i check it from "service iptables status" )
View Replies!
View Related
Iptables Processing
I used a script to block some unwanted countries from accessing my site. In total I had about 3000 lines with ipranges. Now I just went ahead and put this on one of the servers, one that I really don't need the traffic on. But I am wondering what kind of affect this may have on the speeds. Will it really affect it more then a few ms? And anything else I should maybe worry about? Except maybe the loading time at reboots.
View Replies!
View Related
Why Iptables Not Work
My site is under DDOS attack. I run this command netstat -an | grep :80 | grep ffff | awk '{print $5}' | cut -f 4 -d : | sort | uniq -c | sort -n | tail -10 And find a lot of IP that are attacking. After that, i run iptables -A INPUT -s xxx -j DROP to block IP, and service iptables save service iptables restart But when i run netstat command abouve, i found IP are attacking still available, it seem iptables don't block it?
View Replies!
View Related
IPTables/Conntrack
I upgraded to the 2.6.27 kernel and iptables to 1.4.2 but can't seem to get CSF to run and i believe its because of conntrack not being found: Code: error: "net.netfilter.nf_conntrack_icmp_timeout" is an unknown key error: "net.netfilter.nf_conntrack_tcp_timeout_close" is an unknown key error: "net.netfilter.nf_conntrack_tcp_timeout_time_wait" is an unknown key error: "net.netfilter.nf_conntrack_tcp_timeout_last_ack" is an unknown key error: "net.netfilter.nf_conntrack_tcp_timeout_close_wait" is an unknown key error: "net.netfilter.nf_conntrack_tcp_timeout_fin_wait" is an unknown key error: "net.netfilter.nf_conntrack_tcp_timeout_established" is an unknown key error: "net.netfilter.nf_conntrack_tcp_timeout_syn_recv" is an unknown key error: "net.netfilter.nf_conntrack_tcp_timeout_syn_sent" is an unknown key error: "net.netfilter.nf_conntrack_udp_timeout" is an unknown key error: "net.netfilter.nf_conntrack_udp_timeout_stream" is an unknown key net.netfilter.nf_conntrack_max = 262144 kernel config: Code: # # Core Netfilter Configuration # CONFIG_NETFILTER_NETLINK=m CONFIG_NETFILTER_NETLINK_QUEUE=m CONFIG_NETFILTER_NETLINK_LOG=m CONFIG_NF_CONNTRACK=m CONFIG_NF_CT_ACCT=y CONFIG_NF_CONNTRACK_MARK=y # CONFIG_NF_CONNTRACK_SECMARK is not set # CONFIG_NF_CONNTRACK_EVENTS is not set CONFIG_NF_CT_PROTO_DCCP=m CONFIG_NF_CT_PROTO_SCTP=m # CONFIG_NF_CT_PROTO_UDPLITE is not set # CONFIG_NF_CONNTRACK_AMANDA is not set CONFIG_NF_CONNTRACK_FTP=m # CONFIG_NF_CONNTRACK_H323 is not set # CONFIG_NF_CONNTRACK_IRC is not set # CONFIG_NF_CONNTRACK_NETBIOS_NS is not set # CONFIG_NF_CONNTRACK_PPTP is not set # CONFIG_NF_CONNTRACK_SANE is not set # CONFIG_NF_CONNTRACK_SIP is not set # CONFIG_NF_CONNTRACK_TFTP is not set # CONFIG_NF_CT_NETLINK is not set CONFIG_NETFILTER_XTABLES=m CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m CONFIG_NETFILTER_XT_TARGET_CONNMARK=m # CONFIG_NETFILTER_XT_TARGET_DSCP is not set CONFIG_NETFILTER_XT_TARGET_MARK=m CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m # CONFIG_NETFILTER_XT_TARGET_NFLOG is not set CONFIG_NETFILTER_XT_TARGET_NOTRACK=m # CONFIG_NETFILTER_XT_TARGET_RATEEST is not set # CONFIG_NETFILTER_XT_TARGET_TRACE is not set CONFIG_NETFILTER_XT_TARGET_SECMARK=m # CONFIG_NETFILTER_XT_TARGET_TCPMSS is not set # CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP is not set CONFIG_NETFILTER_XT_MATCH_COMMENT=m CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m....
View Replies!
View Related
Iptables Rules
One of my low knowledge area's is Iptables Rule's I just normally use APF/CSF. However on a VPS Host node, I basically want to block all access to a certain port let's say 1234 apart from a certain IP address. However I don't want to block this port on any of the VPS's on the Node, so what Iptable Rule(s) would I need to put into a bash script on startup.
View Replies!
View Related
Csf And Iptables
i install csf on centos, my server is working but the network is unreachable, i try to run "service iptables stop", and the server is unreachable now, i check from whm,it shows csf is working, but i ssh the server and type "service iptables status", it shows "firewall is stopped", is it correct? is not,how can i fix the issue?
View Replies!
View Related
Webmin ( Iptables)
we have problem with webmin and iptables we must STOP iptables service to work webmin ! also when iptables running seems apache goes down we must STOP iptable service to work apache.
View Replies!
View Related
How Do I Disable IPTables?
I installed APF/BFD a log time ago on my centos server and have had no problems up until now. Approx 3 days ago, the server was uncontactable by SSH/HTTP/FTP. So I ran a traceroute and the host confirmed the box was up with no problems. He disabled IPTables and I was allowed in. Anyway, overnight, the same thing has happenned again. I will have to SSH in from another IP however, my main question is how do I disable IPTables ? Or better still, how do I uninstall APF!
View Replies!
View Related
Configuring My Iptables
I saw an ad on WHT by LimeStone Networks and decided to get a server from them. My server was made within few hours. On the server, I was only able to connect to the SSH on port 22, I could not login to the DirectAdmin or anything. So, I tried shutting down the "iptables" firewall like this: Code: service iptables stop and then tried to access the directadmin like this: [url] and it worked. So, the problem is that, my host only configured ssh on my server and didnt configure the rest. How do I open the rest of ports, e.g. 2222 (directadmin) 80 (web server) 21 (ftp) 443 (https) 3306 (mysql) etc... ? on the welcome email, this is what they said about the firewall, but I don't quite understand Quote: Please be advised that your server's firewall is active for your protection and will only accept connections on port 22/tcp by default. If you modify firewall or IPTable rules on your server, please be sure to have them configured to allow inbound and outbound traffic on all ports (TCP & UDP 1-65535) from 209.130.152.0/28.
View Replies!
View Related
Iptables Configuration
Can somebody help me out with a simple iptables configuration? I basically need to deny all traffic except the following external ports: tcp port 2020 for ssh tcp port 3306 for mysql tcp port 80 for http icmp port for pinging
View Replies!
View Related
Iptables Restart
I have configured the iptables ruleset to fit my taste, however after I did a reboot, my server still loaded the old one, any steps did I missed ? What i did was : 1. edit rules 2. iptables-save > firewall.log 3. service iptables save 4. reboot
View Replies!
View Related
Setting Iptables Up
I've got 2 questions: 1 - I'm using a custom kernel, how can i set my kernel to support iptables ? I saw menuconfig but there wasn't anything about 2 - I should reinstall iptables with following modules : ip_tables ipt_state ipt_multiport iptable_filter ipt_limit ipt_owner ipt_LOG ipt_REJECT ipt_conntrack ip_conntrack ip_conntrack_ftp iptable_mangle What should i do?
View Replies!
View Related
How To Clean All IP From Iptables
In APF I can download deny_hosts.rules and delete all the IP there but how about iptalbes? I tried to find the file that store the IP but I couldn't find it. I flushed the iptalbes but when I restart it all the ip come back. Code: iptables --flush and I also tried Code: [url] Where is the ip stored at iptalbes?
View Replies!
View Related
Iptables Locking Me Out
[root@server001 root]# iptables --flush [root@server001 root]# service iptables restart Flushing firewall rules: [ OK ] Setting chains to policy ACCEPT: filter mangle nat [ OK ] Unloading iptables modules: [FAILED] Applying iptables firewall rules: [ OK ] As soon as I restarted it, I got locked out again. Disabling iptables enables me back in ssh. What can I do to fix this?
View Replies!
View Related
Iptables + Google Smtp
iptables + google smtp I've got OpenSSL Version OpenSSL 0.9.8b 04 May 2006 running on PHP5 and am having some trouble sending mail through an external SMTP. What rules would I need to setup on my iptables to allow the server to send mail through tls://smtp.gmail.com rather than on my local mail server? Google seems to allow SMTP traffic through port 465 and 587.
View Replies!
View Related
How Many IP Address U Blocked On IPtables
for about only 3 months running, my server iptables has 36 ipaddresses blocked so far (most of them are from .edu.cn and .edu.tw, dunno why? maybe because of summer break hehe..). Those IP got blocked mostly because of SSH bruteforce. Everytime I noticed any SSH bruteforce on my /var/log/secure, I just issued "iptables -A INPUT -p all -s [ipaddress] -j DROP" so, I'm just curious, how about yours ? how many IP in your blocked lists?
View Replies!
View Related
My Own IP Keeps Getting Added To Iptables Rules
I had csf firewall installed, and due to my own stupidity, attempted to login with the wrong password one too many times, which added my IP to iptables, locking me out. I had to SSH into a linux box at school, and then ssh into my server to stop the iptables service so I could get into my server. I removed every trace of my IP that I could find in csf, but sometime in the middle of the night, iptables reloads some rules from somewhere that blocks me again. I also tried doing iptables -F to clear all rules, but again, sometime in the middle of the night, rules are reloaded and I get blocked. I even uninstalled csf to no avail. I just want to remove my IP once and for all.
View Replies!
View Related
I Have To Flush Iptables On Every Reboot
I'm running CentOS 4.4 32 bit. At the moment every time I reboot my server I have to execute: # iptables --flush # iptables --zero just to be able to access the server. (Though it does allow SSH to access before executing those). And I figured out that I must do something to /etc/sysconfig/iptables to permanently be able to access the server without those commands after reboot. Right? Below is the file's contents: # Firewall configuration written by system-config-securitylevel # Manual customization of this file is not recommended. *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :RH-Firewall-1-INPUT - [0:0] -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p 50 -j ACCEPT -A RH-Firewall-1-INPUT -p 51 -j ACCEPT -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited COMMIT What do I need to do?
View Replies!
View Related
CentOS 5.3 And Iptables Connlimit
Can it be done? This posting from almost a year ago suggests it's not easy: http://lists.centos.org/pipermail/ce...ne/059656.html # iptables -I RH-Firewall-1-INPUT 10 -p tcp --syn --dport 80 -m connlimit --connlimit-above 16 -j DROP iptables: Unknown error 4294967295 The box is in question is also a Xen host, so I'm pretty hesitant to go mucking with the available options, such as rebuilding the kernel or recompiling the packages. Has anyone else out there solved this previously?
View Replies!
View Related
Round Robin With Iptables
iptables -t nat -A POSTROUTING -o eth0 -j SNAT -p tcp --dport 80 --to-source 1.2.3.4-1.2.3.6 If I'm understanding the iptables man correctly this rule should round-robin outgoing http requests over the IP range, instead it's sticking to the first IP no matter how many connections I make.
View Replies!
View Related
IPTABLES (Linux Firewalls)
IPTABLES(Linux Firewalls) Use Of Iptables? Filtering packets based on a MAC address and the values of the flags in the TCP header. This is helpful in preventing attacks using malformed packets and in restricting access from locally attached servers to other networks in spite of their IP addresses. Firewall also keeps track of each connection passing through it and in certaincases will view the contents of data flows in an attempt to anticipate the next action of certain protocols. This is an important feature in the support of active FTP and DNS, as well as many other network services. How IP Tables works? All packets inspected by iptables pass through a sequence of built-in tables (queues) for processing. Each of these queues is dedicated to a particular type of packet activity and is controlled by an associated packet transformation/filtering chain. There are three tables in total. The first is the mangle table which is responsible for the alteration of quality of service bits in the TCP header. This is hardly used in a home or SOHO environment. The second table is the filter queue which is responsible for packet filtering. It has three built-in chains in which you can place your firewall policy rules. a) INPUT Table b) OUTPUT Table c) FORWARD Table General Syntax of the iptables is as follows: IPTABLES -A {INPUT,OUTPUT,FORWARD} -p {tcp,udp} --sport(dport) -s {ip} -j {DROP,REJECT,ACCEPT} To Block the incomming ip: IPTABLES -A OUTPUT -p tcp --sport{1..65535} -s {ipaddress} -j DROP {REJECT} To Block the outcomming ip: IPTABLES -A INPUT -p tcp --sport{1..65535} -s {ipaddress} -j DROP {REJECT} You can also use --dport instead of --sport & you can use -d instead of -s which specifies source or destination respectively.
View Replies!
View Related
IPtables Chain Problem
I've been running CentOS 5.1 for some time on a new box and while this question isn't really a problem per se it is rather annoying. I've configured my iptables to reject everything except the ports I need yet for some reason, either cPanel or CentOS adds a chain with a redirect as rule number one called acctboth. The chain opens up everything from what I can tell. Any ideas how to disable this?
View Replies!
View Related
Unknown Iptables Module
I've bought a basic unmanaged VPS, purely to learn things from it. The best way to learn imo is to hammer the hell out of things, break it, then try to fix it. Anyway, I think I'm part way there, pretty sure I've broken something When I start the consoleSSH I get this at the top: Warning: Unknown iptable module: xt_NFQUEUE, skipped Warning: Unknown iptable module: xt_mark"IPTABLES="ipt_REJECT, skipped Warning: Unknown iptable module: xt_NFQUEUE, skipped Warning: Unknown iptable module: xt_mark"IPTABLES="ipt_REJECT, skipped Warning: Unknown iptable module: xt_NFQUEUE, skipped Warning: Unknown iptable module: xt_mark, skipped Any ideas what's causing it and how I can fix it? ..............
View Replies!
View Related
Quick IPTables Commands
Quick IPTables Commands List: iptables -L -n | grep <IP Address> Remove: iptables -D INPUT -s <IP 1> -d <IP 2> -j DROP Insert: iptables -I INPUT -s <IP> -j DROP Flush: iptables -F Remove: iptables -D OUTPUT -s 0.0.0.0/0 -d 66.93.33.185 -j DROP netstat -nap | grep :80 | wc –l (shows # of connections to HTTP) netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort –n (shows total connections per IP, if more than 100 block)
View Replies!
View Related
|
TRACKER
