Search Results

Search found 131 results on 6 pages for 'ufw'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 2/6 | < Previous Page | 1 2 3 4 5 6  | Next Page >

  • See configured rules even when inactive

    - by Bryan
    Hello, I'm wondering if it's possible to get UFW to list the configured firewall rules even when it's not enabled. I only have ssh access to the server at this time, and I don't want to enable UFW if there's not a rule configured allowing ssh. However, since UFW is currently not enabled, I just get an "inactive" message when I run "ufw status". Is there a special flag I can use or even some config file I can look at to see what rules are configured even when the firewall is disabled?

    Read the article

  • In ufw is there any way to disable logging for a particular rule?

    - by thomasrutter
    I am using UFW with a default logging policy of "low". I would like to keep this logging on for the default deny action, but disable it for a particular IP address only. So I'd like to create one particular new rule that doesn't have logging. Is there a way to achieve this? I have a rather uncomplicated ufw setup so far, like this: Status: active Logging: on (low) Default: deny (incoming), allow (outgoing) New profiles: skip To Action From -- ------ ---- 22/tcp LIMIT Anywhere 80/tcp ALLOW Anywhere 443/tcp ALLOW Anywhere 22/tcp ALLOW Anywhere (v6) 80/tcp ALLOW Anywhere (v6) 443/tcp ALLOW Anywhere (v6)

    Read the article

  • Configure firewall (Shorewall/UFW) to allow traffic for services on an Ubuntu Server

    - by Niklas
    I have an Ubuntu Server 11.04 x64 which I want to secure. The server will be open to Internet and I want to be able to SSH/SFTP into the machine and the SSH-server runs on a custom set port. I also want a web server accessible from the Internet. These tasks seems not to hard to perform but I also want SAMBA-shares to be accessible from within the local network and this seems to be a bit trickier. If possible I also want to be able to "stealth" the ports necessary to protect the server further but also allow the SAMBA-shares to be automatically found within the local network. I've never configured firewalls before except for a router and I always bump into a bunch of problem when doing it all by myself so I was hoping for some tips or preferably a guide on how to this. Thank you! Update: On second thought I'd could just as likely go with UFW if the same settings are achievable ("stealth" ports).

    Read the article

  • Ubuntu comes with firewall by default?

    - by LuC1F3R
    I understand the Ubuntu comes with firwallul UFW is true? There is a GUI for it? if so, what is his name and where do I download? It is possible that UFW notify us (like in windows with a pop-up windows)when someone wants access to your pc or when an application wants to go out on the internet? Is there any firewall for ubuntu notify you when someone wants access to your PC or when an application wants to access the Internet?

    Read the article

  • Port listening on localhost:8000 but not on ip:8000

    - by Marionette
    Hello I'm running a web application on port 8000. When I access it from the host server localhost:8000 it responds ok, 127.0.0.1:8000 also works, but 192.168.1.7:8000 does not work. 192.168.1.7 is the ip of my server. Also if i try to go to another web application running on port 80 it works 192.168.1.7 I enabled ufw firewall and set ufw default allow. I am using ubuntu server 12.04 Any suggestions on why I can't get to my app on port 8000 using the ip-address:8000? Thanks in advance!

    Read the article

  • Windows VirtualBox can't browse network

    - by Don Kirkby
    I'm running Windows XP as a VirtualBox guest OS under Ubuntu 11.10, and I can't browse the Windows network. It seems like I can connect to some specific network shares, maybe only ones that are already mapped to drives. If I disable ufw, it all works fine, and when I enable it again, the network browsing continues to work. I tried looking at /var/log/ufw.log and saw it blocking port 138. When I allowed that port, then I saw it blocking port 137. I found this answer, and it led me to bug 360975. The bug originally asked for both nf_conntrack_pptp and nf_conntrack_netbios_ns to be added to the defaults, but in comment 11, Jamie decided not to include nf_conntrack_pptp in the fix. I tried adding it in, and it seemed to solve my problem, but then the problem came back. How can I let the Windows guest OS browse the local network?

    Read the article

  • why opening a port is so difficult in ubuntu?

    - by icn
    I have searched around and I have run these commands iptables -A INPUT -p tcp -d 0/0 -s 0/0 --dport 5432 -j ACCEPT iptables-save > /etc/iptables.rules And I rebooted the box. I had no luck. What am I missing? IS there a universal way to do this thing in ubuntu? I remember in fedora I just need to edit a text file and make it happen. Thanks UPDATE I have run ufw allow 5432 and I ran ufw status I got this result Status: active To Action From -- ------ ---- 5432/tcp ALLOW Anywhere 80 ALLOW Anywhere 22 ALLOW Anywhere 5432 ALLOW Anywhere 5432/tcp ALLOW Anywhere (v6) 80 ALLOW Anywhere (v6) 22 ALLOW Anywhere (v6) 5432 ALLOW Anywhere (v6) I still cannot access 5432!

    Read the article

  • Ubuntu cannot access internet, LAN is fine

    - by Kevin Southworth
    I have an Ubuntu 8.04 LTS server that is directly connected to our Comcast Business Gateway modem and I have configured it with 1 of our 5 allotted Static IPs. My other machines on our LAN can connect to this server (via ssh, web, ping, etc.) but I cannot access this server from outside our network, and this machine cannot get out to the internet either (ping google.com fails with unknown host). Here is my /etc/networking/interfaces file: auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 173.162.54.19 netmask 255.255.255.248 broadcast 173.162.54.23 gateway 173.162.54.22 and my /etc/resolv.conf: nameserver 68.87.77.130 nameserver 68.87.72.130 output from sudo route -n: Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 173.162.54.16 0.0.0.0 255.255.255.248 U 0 0 0 eth0 0.0.0.0 173.162.54.22 0.0.0.0 UG 100 0 0 eth0 I have a Windows 2008 machine with an almost identical Static IP, static DNS setup and it works correctly, can access it within the LAN and also from public internet, the Windows machine and the Ubuntu machine are both directly connected to the Comcast Business Gateway. I have tried rebooting Ubuntu, rebooting my Comcast modem, but nothing seems to make it work. I'm an Ubuntu noob, is there some other config I need to apply to make this work? UPDATE: Yes I am able to ping my default gateway 173.162.54.22 output of iptables --list -n: Chain INPUT (policy DROP) target prot opt source destination ufw-before-input all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-input all -- 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy DROP) target prot opt source destination ufw-before-forward all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-forward all -- 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination ufw-before-output all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-output all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-after-forward (1 references) target prot opt source destination LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix `[UFW BLOCK FORWARD]: ' RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-after-input (1 references) target prot opt source destination RETURN udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:137 RETURN udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:138 RETURN tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:139 RETURN tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:445 RETURN udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:67 RETURN udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:68 LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix `[UFW BLOCK INPUT]: ' RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-after-output (1 references) target prot opt source destination RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-before-forward (1 references) target prot opt source destination ufw-user-forward all -- 0.0.0.0/0 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-before-input (1 references) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED DROP all -- 0.0.0.0/0 0.0.0.0/0 ctstate INVALID ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 3 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 4 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 11 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 12 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68 ufw-not-local all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 224.0.0.0/4 0.0.0.0/0 ACCEPT all -- 0.0.0.0/0 224.0.0.0/4 ufw-user-input all -- 0.0.0.0/0 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-before-output (1 references) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 state NEW,RELATED,ESTABLISHED ufw-user-output all -- 0.0.0.0/0 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-not-local (1 references) target prot opt source destination RETURN all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL RETURN all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type MULTICAST RETURN all -- 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type BROADCAST LOG all -- 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 10 LOG flags 0 level 4 prefix `[UFW BLOCK NOT-TO-ME]: ' DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-user-forward (1 references) target prot opt source destination RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-user-input (1 references) target prot opt source destination ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:80 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:22 RETURN all -- 0.0.0.0/0 0.0.0.0/0 Chain ufw-user-output (1 references) target prot opt source destination RETURN all -- 0.0.0.0/0 0.0.0.0/0

    Read the article

  • How to enable ufw firewall to allow icmp response?

    - by Jeremy Hajek
    I have a series of Ubuntu 10.04 servers and each one has ufw firewall enabled. I have allowed port 22 (for SSH) and 80 (if it's a webserver). My question is that I am trying to enable icmp echo response (ping reply). ICMP functions differently than other protocols--I know it is below the IP level in a technical sense. You can just type sudo ufw allow 22, but you cannot type sudo ufw allow icmp How should attack this problem?

    Read the article

  • iptables rules keep showing up

    - by Omriko
    I just installed an ubuntu precise server, after a few weird communications issues I checked the iptables list and found: Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- 10.0.0.0/24 anywhere tcp spts:1024:65535 dpt:ssh state NEW ACCEPT icmp -- anywhere anywhere state NEW ACCEPT icmp -- anywhere anywhere state NEW ACCEPT icmp -- anywhere anywhere state NEW ACCEPT icmp -- anywhere anywhere state NEW DROP tcp -- anywhere anywhere tcp dpt:10520 state NEW DROP udp -- anywhere anywhere udp spts:1:65535 dpt:31337 state NEW DROP udp -- anywhere anywhere udp spts:1:65535 dpt:31338 state NEW DROP udp -- anywhere anywhere udp spts:1:65535 dpt:54320 state NEW DROP udp -- anywhere anywhere udp spts:1:65535 dpt:54321 state NEW DROP tcp -- anywhere anywhere tcp dpt:12345 state NEW DROP tcp -- anywhere anywhere tcp dpt:12346 state NEW DROP tcp -- anywhere anywhere tcp dpt:20034 state NEW DROP tcp -- anywhere anywhere tcp dpt:16600 state NEW DROP tcp -- anywhere anywhere tcp dpt:16660 state NEW DROP tcp -- anywhere anywhere tcp dpt:65000 state NEW DROP udp -- anywhere anywhere udp dpt:34555 state NEW DROP udp -- anywhere anywhere udp dpt:35555 state NEW DROP udp -- anywhere anywhere udp spts:netbios-ns:netbios-dgm dpts:netbios-ns:netbios-dgm state NEW DROP tcp -- anywhere anywhere tcp spts:1024:65535 dpt:netbios-ssn state NEW DROP tcp -- anywhere anywhere tcp spts:1024:65535 dpt:microsoft-ds state NEW DROP udp -- anywhere anywhere udp spt:microsoft-ds dpt:microsoft-ds state NEW DROP udp -- anywhere anywhere udp spts:1024:65535 dpt:microsoft-ds state NEW DROP tcp -- anywhere anywhere tcp spts:1024:65535 dpt:loc-srv state NEW DROP tcp -- anywhere anywhere tcp spts:1024:65535 dpt:5000 state NEW DROP tcp -- anywhere anywhere tcp spts:1024:65535 dpts:1025:1029 state NEW DROP udp -- anywhere anywhere udp spts:1:65535 dpt:loc-srv state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:28082 state NEW DROP all -- anywhere anywhere state NEW Chain FORWARD (policy DROP) target prot opt source destination Chain OUTPUT (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT tcp -- anywhere anywhere tcp spts:tcpmux:65535 dpts:tcpmux:65535 state NEW ACCEPT udp -- anywhere anywhere udp dpts:1:65535 state NEW ACCEPT icmp -- anywhere anywhere state NEW ACCEPT tcp -- anywhere anywhere tcp spts:1024:65535 dpt:28082 state NEW DROP all -- anywhere anywhere state NEW I tried to wipe the rules, I disabled UFW, Ive rewritten and saved iptables rules according to this guide, but every minute or so the old rules return.... I checked crontab for scheduled tasks, there is nothing in there but still these rules appear every minute... please help!

    Read the article

  • Open port in gufw is closed, no incoming connection on deluge

    - by user66987
    I have a problem configuring gufw. I open ports on it, but when i test in deluge it shows as closed. Any help on setting up the firewall would be greatly appreciated. This is the output I get on the firewall in terminal: Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1346/dnsmasq tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 970/cupsd tcp 0 0 0.0.0.0:55521 0.0.0.0:* LISTEN 17362/python tcp6 0 0 ::1:631 :::* LISTEN 970/cupsd tcp6 0 0 :::55521 :::* LISTEN 17362/python udp 0 0 10.0.0.125:1900 0.0.0.0:* 17362/python udp 0 0 127.0.0.1:1900 0.0.0.0:* 17362/python udp 0 0 0.0.0.0:1900 0.0.0.0:* 17362/python udp 0 0 127.0.0.1:53162 0.0.0.0:* 17362/python udp 0 0 127.0.0.1:53 0.0.0.0:* 1346/dnsmasq udp 0 0 0.0.0.0:68 0.0.0.0:* 1312/dhclient udp 0 0 10.0.0.125:36948 0.0.0.0:* 17362/python udp 0 0 0.0.0.0:37240 0.0.0.0:* 17362/python udp 0 0 10.0.0.125:6771 0.0.0.0:* 17362/python udp 0 0 127.0.0.1:6771 0.0.0.0:* 17362/python udp 0 0 0.0.0.0:6771 0.0.0.0:* 17362/python udp 0 0 10.0.0.125:50034 0.0.0.0:* 17362/python udp 0 0 0.0.0.0:58340 0.0.0.0:* 982/avahi-daemon: r udp 0 0 0.0.0.0:5353 0.0.0.0:* 982/avahi-daemon: r udp 0 0 0.0.0.0:56947 0.0.0.0:* 17362/python udp 0 0 127.0.0.1:57059 0.0.0.0:* 17362/python udp6 0 0 :::49793 :::* 982/avahi-daemon: r udp6 0 0 :::5353 :::* 982/avahi-daemon: r kenneth@kenneth-K53U:~$ sudo ufw status Status: aktive Til Handling Fra --- -------- --- 6881:6891/tcp ALLOW Anywhere 6881:6891/udp ALLOW Anywhere 55521/tcp ALLOW Anywhere 6881:6891/tcp ALLOW Anywhere (v6) 6881:6891/udp ALLOW Anywhere (v6) 55521/tcp ALLOW Anywhere (v6) I also want to be able to use the firewall with linuxdc, so I need other ports open as well. This is connected to the firewall. Because when I turn off the firewall, the port is open. So this is not a problem with my modem. Do I need the firewall? The broadband modem has a hardware firewall. Update: Forgot to add. When my firewall is inactive, it closes ports after a time. So when I use linuxdc, I have to flush iptabels and activating it again. Is this supposed to do this when the firewall is deactivated? Update again: All my ports are closed now, flushing the iptable does not work anymore. I have uninstalled gufw, but still all my ports are closed. And to say it again, this has nothing to do with my broadband modem since it worked when I used windows 7. I need help to open the ports.

    Read the article

  • Iptables Issue can't SSH Remote Machines

    - by Lonston
    I want to SSH to 192.168.1.15 Server from my machine, my ip was 192.168.1.99 Source Destination was UP, with IP 192.168.1.15. This is LAN Network there are 30 Machine's Connected to the network and working fine, I'm Playing around the local machine's cos i need to apply the same rules in Production VPS I have applied the below iptables in my machine 192.168.1.99, Now i can't receive any packets from Outside and i can't send any packets Outside, While applying the Below Chain iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP After the above CHAIN i have added the Below rules and it want to allow ssh from machine to 192.168.1.15 to access the 192.164.1.15 but still i can't access 192.168.1.15 iptables -A INPUT -p tcp -i eth0 --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A OUTPUT -p tcp -o eth0 --sport 22 -m state --state ESTABLISHED -j ACCEPT iptables -A OUTPUT -o eth0 -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT iptables -A INPUT -i eth0 -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT Any one Please Check Weather my Rules are Wrigt. Still i can't access the machine 15

    Read the article

  • Trouble configuring sendmail to relay mail

    - by Warren Schubert
    I am trying to configure sendmail and ufw on an ubuntu server (ServerA) so that another server (ServerB) can send mail through it. In my /etc/mail/access file I have the following line (a.b.c.d is the IP of ServerB): Connect:a.b.c.d RELAY My ufw status shows the following rule I added: 25/tcp ALLOW a.b.c.d When I telnet from ServerA I get through: telnet localhost 25 When I telnet from ServerB I don't (w.x.y.z is the IP of ServerA): telnet w.x.y.z 25 telnet: Unable to connect to remote host: Connection refused I did restart the sendmail daemon after editing the access file. What could I be missing? Something in sendmail.mc? Edit: netstat -an|grep -w 25 tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN

    Read the article

  • IP Masquerade and forwarding

    - by poelinca
    Hi all , i got a dedicated server running ubuntu server 10.10 with 3 ip adresses on the same eth card ( example: eth0 192.168.0.1 , eth0:0 188.78.45.0 , eth0:1 ... ) with a 3 virtual machines running ( virtualization technologi used is lxc but i don't think this matters too much ) . Now i need to redirect all ports opened ( using ufw to close/open ports ) from the ip 188.78.54.0 ( eth0:0 ) to a virtual machine ip ( let's say for example 192.168.2.3 ) , all requests made by a virtual machine should be redirected back to the virtual machine that made the request ( in this example 192.168.2.3 ) . Lets say the second vm has the ip 192.168.2.4 now i need to redirect all opened ports to from eth0:1 to this ip and viceversa . And so on and so on , what are the iptables/ufw rules to get this done ? and where to save them ( witch config file ) so they stay the same after reboot . In a few words redirect all requests comming from/to eth0:0 to a certan ip , all requests comming from/to eth0:1 to another ip ... Remember i'm saying all ports opened becouse they might be dynamicly changed . p.s. please excuse my bad english

    Read the article

  • Opening firewall to incoming port 443

    - by jrdioko
    I recently set up the ufw firewall on a Linux machine so that outgoing connections are allowed, incoming connections are denied, and denied connections are logged. This seems to work fine for most cases, but I see many denied connections that are incoming on port 443 (many with IPs associated with Facebook). I can open that port to incoming connections, but first wanted to ask what these could be. Shouldn't HTTPS requests be initiated by me and be treated as outbound, not inbound connections? Is it typical to open incoming port 443 on consumer firewalls?

    Read the article

  • How to place a virtual machine in DMZ?

    - by Giordano
    I have an Ubuntu 12.04 server running few virtual machines with KVM. I would like to expose some of these virtual machines on the internet, to make it possible for customers to test the products we're developing and make available other products for demo purposes. One of the server NICs is configured with a public IP. However before exposing anything on the web I would like to be sure that if one of the virtual machines get compromised, the attacker doesn't reach the rest of the hosts. What I would like to do is to put these virtual machines into a DMZ. These are the steps I'm planning to do: Create a tap interface in the virtualization host (let's say tap1) Create a bridge using tap1 and give it an IP in a subnet separate from the other hosts. Let's say 10.0.0.1 Attach the DMZ virtual machines to the bridge and configure their IP statically (10.0.0.2, 10.0.0.3, etc...) Using UFW, forbid any traffic from 10.0.0.0/24 to any of the internal hosts, allow the traffic from the internal hosts towards 10.0.0.0/24 and expose the virtual machines on the web using port forwarding. Do you think this setup is safe? Can you suggest any improvement or a better/safer approach? Thanks in advance!

    Read the article

  • iptables mac address filtering not work

    - by Tony Lee
    I block every port default by ufw and add iptables rules like this: sudo iptables -A INPUT -p tcp --dport 1723 -m mac --mac-source 00:11:22:33:44:55 -j ACCEPT then I list iptables INPUT rules: sudo iptables -L INPUT --line-numbers Chain INPUT (policy DROP) num target prot opt source destination 1 ACCEPT udp -- anywhere anywhere udp dpt:domain 2 ACCEPT tcp -- anywhere anywhere tcp dpt:domain 3 ACCEPT udp -- anywhere anywhere udp dpt:bootps 4 ACCEPT tcp -- anywhere anywhere tcp dpt:bootps 5 ufw-before-logging-input all -- anywhere anywhere 6 ufw-before-input all -- anywhere anywhere 7 ufw-after-input all -- anywhere anywhere 8 ufw-after-logging-input all -- anywhere anywhere 9 ufw-reject-input all -- anywhere anywhere 10 ufw-track-input all -- anywhere anywhere 11 ACCEPT tcp -- anywhere anywhere tcp dpt:1723 MAC 00:11:22:33:44:55 but I can't visit my server:1723 Is there sth wrong? I use Ubuntu 11.10

    Read the article

  • Unable to connect to mail server via IMAP and roundcube

    - by mrhatter
    I am having trouble getting the final parts of my mail server up and working. I followed this tutorial to get everything set up on the mail server side. I have installed roundcube for webmail and configured it but it is saying "error connecting, connection refused" when attempting to connect to it using IMAP. This is thorough the "test imap" section of its installer. Also it is giving me an error message about perissions for it's log and temp folders but that's not as important as acutally getting mail to work. I have also tried connecting to the mail server using thunderbird however it cannot establish a connection either and I know my login information is correct. I know that the databases are working correctly based on the roundcube installer telling me that they have been "successfully initialized". Here are my firewall rules -A INPUT -i lo -j ACCEPT -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m tcp --dport 25 -j ACCEPT -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT -A INPUT -p tcp -m tcp --dport 465 -j ACCEPT -A INPUT -p tcp -m tcp --dport 487 -j ACCEPT -A OUTPUT -p tcp -m tcp --dport 993 -j ACCEPT -A INPUT -j DROP Which I set up in iptables. I have modified them from what I used in this tutorial I'm not sure what to try next. Any help would be wonderful! I am using Ubuntu 14.04 server, apache 2.4.7, roundcube 1.0.1, and the latest versions of dovecot and postfix. The email databases are contained in mysql. I am running this on a VPS server. UPDATE: I have changed from iptables to using ufw. I have run the following commands to set up a basic firewall with ufw. ufw default deny ufw allow ssh ufw allow http ufw allow https ufw allow imap ufw allow imaps ufw allow smtp I then used telnet to check all of the mail ports. But Port 993 isnt working even though ufw says both 993 and 993/tcp are open. What am I missing?

    Read the article

  • configuring two network interfaces in ubuntu 10.04.1

    - by Bill Smith
    I have got two NICs configured on a VM - each is tied to a specific network, one is a DMZ, the other is an internal network. I want MySQL to listen on the internal network only and Apache on the DMZ listening for HTTP and HTTPS. But as soon as I add the second interface I run into trouble. I can hit HTTP on either interface, but can not hit 3306 on the internal network for MySQL. Here's the config... could someone sanity check this please? auto lo iface lo inet loopback auto eth0 iface eth0 inet static address 10.153.24.230 netmask 255.255.255.240 network 10.153.24.224 broadcast 10.153.24.239 dns-nameservers 8.8.8.8 auto eth1 iface eth1 inet static address 10.153.24.195 netmask 255.255.255.224 gateway 10.153.24.193 broadcast 10.153.23.223

    Read the article

  • How to access Jenkins remotely on Ubuntu 12.04 server?

    - by quincyglenn
    I have installed Jenkins and opened port 8080 on Ubuntu 12.04 server but still can't access Jenkins remotely. Below is the procedures I took. # Install Jenkins, enable UFW and open port 8080 sudo apt-get install jenkins sudo ufw enable sudo ufw allow 8080 sudo ufw reload # Check the status sudo ufw status 8080 ALLOW Anywhere 8080 ALLOW Anywhere (v6) # Locally curl -I localhost:8080 HTTP/1.1 200 OK Server: Winstone Servlet Engine v0.9.10 ... # On an external machine curl -I [ip]:8080 couldn't connect to host

    Read the article

  • Cannot FTP without simultaneous SSH connection?

    - by Lucas
    I'm trying to set up an old box as a backup server (running 10.04.4 LTS). I intend to use 3rd party software on my PC to periodically connect to my server via FTP(S) and to mirror certain files. For some reason, all FTP connection attempts fail UNLESS I'm simultaneously connected via SSH. For example, if I use putty to test the connection to port 21, the system hangs and times out. I get: 220 Connected to LeServer USER lucas 331 Please specify the password. PASS [password] <cursor> However, when I'm simultaneously logged in (in another session) everything works: 220 Connected to LeServer USER lucas 331 Please specify the password. PASS [password] 230 Login successful. Basically, this means that my software will never be able to connect on its own, as intended. I know that the correct port is open because it works (sometimes) and nmap gives me: Starting Nmap 5.00 ( http://nmap.org ) at 2012-03-20 16:15 CDT Interesting ports on xx.xxx.xx.x: Not shown: 995 closed ports PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh 53/tcp open domain 139/tcp open netbios-ssn 445/tcp open microsoft-ds Nmap done: 1 IP address (1 host up) scanned in 0.15 seconds My only hypothesis is that this has something to do with iptables. Maybe it's allowing only established connections? I don't think that's how I set it up, but maybe? Here's my iptables rules for INPUT: lucas@rearden:~$ sudo iptables -L INPUT Chain INPUT (policy DROP) target prot opt source destination fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh ufw-before-logging-input all -- anywhere anywhere ufw-before-input all -- anywhere anywhere ufw-after-input all -- anywhere anywhere ufw-after-logging-input all -- anywhere anywhere ufw-reject-input all -- anywhere anywhere ufw-track-input all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere tcp dpt:ftp I'm using vsftpd. Any thoughts/resources on how I could fix this? L

    Read the article

  • Fail2Ban adds iptable rules but they are not working?

    - by EApubs
    Fail2Ban just blocked my IP for 3 SSH attempts. It added the iptables rule and I can see it using the "sudo iptables -L -n" command. But I can still access the site and login through SSH! What might be the problem? Is it because im using CloudFlare? I have set Nginx to write the real IPs to the access logs instead of the Cloud Flare IP. Isn't it enough? Chain fail2ban-ssh (1 references) target prot opt source destination DROP all -- 119.235.14.8 0.0.0.0/0 RETURN all -- 0.0.0.0/0 0.0.0.0/0 The input chain : Chain INPUT (policy DROP) target prot opt source destination fail2ban-NoAuthFailures tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 fail2ban-nginx-dos tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 80,8090 fail2ban-postfix tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 25,465 fail2ban-ssh-ddos tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22 fail2ban-ssh tcp -- 0.0.0.0/0 0.0.0.0/0 multiport dports 22 ufw-before-logging-input all -- 0.0.0.0/0 0.0.0.0/0 ufw-before-input all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-input all -- 0.0.0.0/0 0.0.0.0/0 ufw-after-logging-input all -- 0.0.0.0/0 0.0.0.0/0 ufw-reject-input all -- 0.0.0.0/0 0.0.0.0/0 ufw-track-input all -- 0.0.0.0/0 0.0.0.0/0 LOG all -- 0.0.0.0/0 0.0.0.0/0 LOG flags 0 level 4

    Read the article

  • How can I back up my ubuntu system?

    - by Eloff
    I'm sure there's a lot of questions on here similar to this, and I've been reading them, but I still feel this warrants a new question. I want nightly, incremental backups (full disk images would waste a lot of space - unless compressed somehow.) Preferably rotating or deleting old backups when running out of space or after a fixed number of backups. I want to be able to quickly and painlessly restore my system from these backups. This is my first time running ubuntu as my main development machine and I know from my experience with it as a server and in virtual machines that I regularly manage to make it unbootable or damage it to the point of being unable to rescue it. So how would you recommend I do this? There are so many options out there I really don't know where to start. There seems to be a vocal school of thought that it's sufficient to backup your home directory and the list of installed packages from the package manager. I've already installed lots of things from source, or outside of the package manager (development tools, ides, compilers, graphics drivers, etc.) So at the very least, if I do not back up the operating system itself I need to grab all config files, all program binaries, all created but required files, etc. I'd rather backup too much than too little - an ubuntu install is tiny anyway. Also this drastically reduces the restore time, which would cost me more in my time than the extra storage space. I tried using Deja Dup to backup the root partition, excluding some things like /mnt /media /dev /proc etc. Although many websites assured me you can backup a running linux system this way - that seems to be false as it complained that it could not backup the following files: /boot/System.map-3.0.0-17-generic /boot/System.map-3.2.0-22-generic /boot/vmcoreinfo-3.0.0-17-generic /boot/vmlinuz-3.0.0-17-generic /boot/vmlinuz-3.2.0-22-generic /etc/.pwd.lock /etc/NetworkManager/system-connections/LAN Connection /etc/apparmor.d/cache/lightdm-guest-session /etc/apparmor.d/cache/sbin.dhclient /etc/apparmor.d/cache/usr.bin.evince /etc/apparmor.d/cache/usr.lib.telepathy /etc/apparmor.d/cache/usr.sbin.cupsd /etc/apparmor.d/cache/usr.sbin.tcpdump /etc/apt/trustdb.gpg /etc/at.deny /etc/ati/inst_path_default /etc/ati/inst_path_override /etc/chatscripts /etc/cups/ssl /etc/cups/subscriptions.conf /etc/cups/subscriptions.conf.O /etc/default/cacerts /etc/fuse.conf /etc/group- /etc/gshadow /etc/gshadow- /etc/mtab.fuselock /etc/passwd- /etc/ppp/chap-secrets /etc/ppp/pap-secrets /etc/ppp/peers /etc/security/opasswd /etc/shadow /etc/shadow- /etc/ssl/private /etc/sudoers /etc/sudoers.d/README /etc/ufw/after.rules /etc/ufw/after6.rules /etc/ufw/before.rules /etc/ufw/before6.rules /lib/ufw/user.rules /lib/ufw/user6.rules /lost+found /root /run/crond.reboot /run/cups/certs /run/lightdm /run/lock/whoopsie/lock /run/udisks /var/backups/group.bak /var/backups/gshadow.bak /var/backups/passwd.bak /var/backups/shadow.bak /var/cache/apt/archives/lock /var/cache/cups/job.cache /var/cache/cups/job.cache.O /var/cache/cups/ppds.dat /var/cache/debconf/passwords.dat /var/cache/ldconfig /var/cache/lightdm/dmrc /var/crash/_usr_lib_x86_64-linux-gnu_colord_colord.102.crash /var/lib/apt/lists/lock /var/lib/dpkg/lock /var/lib/dpkg/triggers/Lock /var/lib/lightdm /var/lib/mlocate/mlocate.db /var/lib/polkit-1 /var/lib/sudo /var/lib/urandom/random-seed /var/lib/ureadahead/pack /var/lib/ureadahead/run.pack /var/log/btmp /var/log/installer/casper.log /var/log/installer/debug /var/log/installer/partman /var/log/installer/syslog /var/log/installer/version /var/log/lightdm/lightdm.log /var/log/lightdm/x-0-greeter.log /var/log/lightdm/x-0.log /var/log/speech-dispatcher /var/log/upstart/alsa-restore.log /var/log/upstart/alsa-restore.log.1.gz /var/log/upstart/console-setup.log /var/log/upstart/console-setup.log.1.gz /var/log/upstart/container-detect.log /var/log/upstart/container-detect.log.1.gz /var/log/upstart/hybrid-gfx.log /var/log/upstart/hybrid-gfx.log.1.gz /var/log/upstart/modemmanager.log /var/log/upstart/modemmanager.log.1.gz /var/log/upstart/module-init-tools.log /var/log/upstart/module-init-tools.log.1.gz /var/log/upstart/procps-static-network-up.log /var/log/upstart/procps-static-network-up.log.1.gz /var/log/upstart/procps-virtual-filesystems.log /var/log/upstart/procps-virtual-filesystems.log.1.gz /var/log/upstart/rsyslog.log /var/log/upstart/rsyslog.log.1.gz /var/log/upstart/ureadahead.log /var/log/upstart/ureadahead.log.1.gz /var/spool/anacron/cron.daily /var/spool/anacron/cron.monthly /var/spool/anacron/cron.weekly /var/spool/cron/atjobs /var/spool/cron/atspool /var/spool/cron/crontabs /var/spool/cups

    Read the article

  • Google-Chrome 10 stable crash on every page

    - by Achu
    I installed google-chrome today, when i open any page including askubuntu i got this error message. i see my memory usage is normal(Memory 56% and swap 4.8%) also I reload and i go to another page same problem What is the problem? the last dmesg output [26612.341865] lo: Disabled Privacy Extensions [29651.852476] chrome[15472] general protection ip:1528e26 sp:7fff514a9dc0 error:0 in chrome[400000+3082000] [31447.190586] [UFW BLOCK] IN=eth1 OUT= MAC=00:1c:25:a1:e7:67:00:16:3e:28:5a:b7:08:00 SRC=172.23.100.6 DST=172.23.20.128 LEN=69 TOS=0x00 PREC=0x00 TTL=128 ID=15939 PROTO=UDP SPT=4243 DPT=161 LEN=49 [31451.250190] [UFW BLOCK] IN=eth1 OUT= MAC=00:1c:25:a1:e7:67:00:16:3e:28:5a:b7:08:00 SRC=172.23.100.6 DST=172.23.20.128 LEN=69 TOS=0x00 PREC=0x00 TTL=128 ID=16180 PROTO=UDP SPT=4243 DPT=161 LEN=49 [31454.260150] [UFW BLOCK] IN=eth1 OUT= MAC=00:1c:25:a1:e7:67:00:16:3e:28:5a:b7:08:00 SRC=172.23.100.6 DST=172.23.20.128 LEN=69 TOS=0x00 PREC=0x00 TTL=128 ID=16322 PROTO=UDP SPT=4243 DPT=161 LEN=49 [31458.648164] [UFW BLOCK] IN=eth1 OUT= MAC=00:1c:25:a1:e7:67:00:16:3e:28:5a:b7:08:00 SRC=172.23.100.6 DST=172.23.20.128 LEN=69 TOS=0x00 PREC=0x00 TTL=128 ID=16513 PROTO=UDP SPT=4243 DPT=161 LEN=49 [33124.300112] lo: Disabled Privacy Extensions [33601.021406] Skipping EDID probe due to cached edid [34594.043501] chrome[15746]: segfault at 0 ip 0000000000d5cdd0 sp 00007fff5149ec20 error 6 in chrome[400000+3082000] [34597.395334] chrome[18112] general protection ip:17c85bf sp:7fff514aa4f0 error:0 in chrome[400000+3082000] [34616.786643] chrome[18124]: segfault at 1007 ip 00000000017c849f sp 00007fff514aabd0 error 4 in chrome[400000+3082000] [37277.436207] lo: Disabled Privacy Extensions [38549.501390] e1000e: eth1 NIC Link is Down [38551.122253] e1000e: eth1 NIC Link is Up 100 Mbps Full Duplex, Flow Control: RX/TX [38551.122263] e1000e 0000:00:19.0: eth1: 10/100 speed: disabling TSO

    Read the article

  • How to Configure Ubuntu’s Built-In Firewall

    - by Chris Hoffman
    Ubuntu includes its own firewall, known as ufw – short for “uncomplicated firewall.” Ufw is an easier-to-use frontend for the standard Linux iptables commands. You can even control ufw from a graphical interface. Ubuntu’s firewall is designed as an easy way to perform basic firewall tasks without learning iptables. It doesn’t offer all the power of the standard iptables commands, but it’s less complex. HTG Explains: Why Linux Doesn’t Need Defragmenting How to Convert News Feeds to Ebooks with Calibre How To Customize Your Wallpaper with Google Image Searches, RSS Feeds, and More

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 1 2 3 4 5 6  | Next Page >