Search Results

Search found 1249 results on 50 pages for 'iptables'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 27/50 | < Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >

  • Public Facing Recursive DNS Servers - iptables rules

    - by David Schwartz
    We run public-facing recursive DNS servers on Linux machines. We've been used for DNS amplification attacks. Are there any recommended iptables rules that would help mitigate these attacks? The obvious solution is just to limit outbound DNS packets to a certain traffic level. But I was hoping to find something a little bit more clever so that an attack just blocks off traffic to the victim IP address. I've searched for advice and suggestions, but they all seem to be "don't run public-facing recursive name servers". Unfortunately, we are backed into a situation where things that are not easy to change will break if we don't do so, and this is due to decisions made more than a decade ago before these attacks were an issue.

    Read the article

  • Logfiles filling with iptables logging

    - by Peter I
    OS: Debian 6 Server Version I have different logfiles which are filling up: user@server:/var/log$ ls -lahS | head total 427G -rw-r--r-- 1 root root 267G Nov 2 17:29 bandwidth -rw-r----- 1 root adm 44G Nov 2 17:29 kern.log -rw-r----- 1 root adm 27G Nov 2 17:29 debug -rw-r----- 1 root adm 23G Oct 27 06:33 kern.log.1 -rw-r----- 1 root adm 17G Nov 2 17:29 messages -rw-r----- 1 root adm 14G Oct 27 06:33 debug.1 -rw-r----- 1 root adm 12G Nov 2 17:29 syslog -rw-r----- 1 root adm 12G Nov 1 06:26 syslog.1 -rw-r----- 1 root adm 9.0G Oct 27 06:33 messages.1 So I looked up the file /etc/iptables.up.rules which had those lines in it: -A FORWARD -o eth0 -j LOG --log-level 7 --log-prefix BANDWIDTH_OUT: -A FORWARD -i eth0 -j LOG --log-level 7 --log-prefix BANDWIDTH_IN: -A OUTPUT -o eth0 -j LOG --log-level 7 --log-prefix BANDWIDTH_OUT: -A INPUT -i eth0 -j LOG --log-level 7 --log-prefix BANDWIDTH_IN: So deleting those lines will solve my problem. But how would I edit those lines without losing their functionality?

    Read the article

  • Port Forwarding IPTABLES public IP

    - by tric
    hello i have a computer linuxbox_1.eth0 public ip 89.40.x.y eth1 public ip 85.121.a.b i have another linuxbox_2. ethx public ip 86.34.c.d what i want to do is forward port 8001 from linuxbox_1 eth0 89.40.x.y:8001 to linuxbox_1 eth1 85.121.a.b, and then forward again port 8001 from linuxbox_1 eth1 85.121.a.b:8001 to linuxbox_2 ethx 86.34.c.d:80 i have searched for answers using google "that knows everything" but this time it has failed. i would like to use IPTABLES or any other tool like rinetd. i tryed rinetd but it somehow mistakes the eths sorry for my bad english. 10q

    Read the article

  • iftop - how to generate text file with its output?

    - by mickula
    iftop is great tool to view almost live bandwidth usage distinguished by source-ip source-port destination-ip destination port. I'm using it to see which client's ip is using most bandwidth. Now I would like to store output somewhere. iftop uses ncurses so iftop > log.txt does not work as expected, result file is not readable. Is there any tool like this which can be used to pipe output to a text file? Thanks for your replies.

    Read the article

  • Several IPs for my VPS

    - by Serafim
    I bought vps on santrex.net but can't receive any reply from support. My Problem: I have 5 ip but it pings only 1!!! I can't setup DNS because I need 2 ip minimum . Could you help me to activate other my IPs? root@spnova:~# ifconfig eth0 Link encap:Ethernet HWaddr aa:00:b9:4f:19:01 inet addr:188.72.240.100 Bcast:188.72.240.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:163342 errors:0 dropped:0 overruns:0 frame:0 TX packets:13585 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:32862185 (32.8 MB) TX bytes:15189036 (15.1 MB) eth0:0 Link encap:Ethernet HWaddr aa:00:b9:4f:19:01 inet addr:188.72.240.101 Bcast:188.72.240.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 eth0:1 Link encap:Ethernet HWaddr aa:00:b9:4f:19:01 inet addr:188.72.240.102 Bcast:188.72.240.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 eth0:2 Link encap:Ethernet HWaddr aa:00:b9:4f:19:01 inet addr:188.72.240.103 Bcast:188.72.240.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 eth0:3 Link encap:Ethernet HWaddr aa:00:b9:4f:19:01 inet addr:188.72.240.104 Bcast:188.72.240.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:11885 errors:0 dropped:0 overruns:0 frame:0 TX packets:11885 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:8124693 (8.1 MB) TX bytes:8124693 (8.1 MB) root@spnova:~# nano /etc/network/interfaces # Auto generated eth0 interfaces auto eth0 lo iface eth0 inet static address 188.72.240.100 netmask 255.255.255.0 up route add -net 188.72.225.0 netmask 255.255.255.0 dev eth0 up route add default gw 188.72.225.1 iface lo inet loopback auto eth0:0 iface eth0:0 inet static address 188.72.240.101 netmask 255.255.255.0 auto eth0:1 iface eth0:1 inet static address 188.72.240.102 netmask 255.255.255.0 auto eth0:2 iface eth0:2 inet static address 188.72.240.103 netmask 255.255.255.0 auto eth0:3 iface eth0:3 inet static address 188.72.240.104 netmask 255.255.255.0

    Read the article

  • Multiple INET sockets (mulple IP's too) connected to UNIX sockets

    - by Andrew
    HOST = same host all the time, accepts multiple connection. I have a dedicated server and I will buy extra IP's. Socket 1 connects to HOST:PORT, from IP-1 Socket 2 connects to HOST:PORT, from IP-1 Socket 3 connects to HOST:PORT, from IP-1 Socket 4 connects to HOST:PORT, from IP-2 Socket 5 connects to HOST:PORT, from IP-2 Socket 6 connects to HOST:PORT, from IP-2 After creating all sockets I want to access them easy as UNIX sockets from PHP. /sys/socket1 /sys/socket2 /sys/socket3 /sys/socket4 /sys/socket5 /sys/socket6 I want the sockets to work in background (like daemon) and I want to be able to connect from PHP to any of this sockets and RECV/SEND whatever I want. I saw "socat" and I think that's the solution for me, please tell me how to use socat, or how to do it other way. Thankyou!

    Read the article

  • Unable to access VLAN host from VLAN interface in CentOS

    - by Amrit
    I am playing with VLAN (Virtual LAN) configuration on CentOS 6.4. I have 2 interfaces, eth0 and eth1. I have configured 2 VLAN interfaces eth0.20 and eth0.30 as #file: ifcfg-eth0.20 #------------- VLAN=yes DEVICE=eth0.20 TYPE=Ethernet ONBOOT=yes NM_CONTROLLED=no BOOTPROTO=static IPADDR=192.168.20.1 GATEWAY=192.168.20.1 NETMASK=255.255.255.0 USERCTL=no #file: ifcfg-eth0.30 #------------- VLAN=yes DEVICE=eth0.30 TYPE=Ethernet ONBOOT=yes NM_CONTROLLED=no BOOTPROTO=static IPADDR=192.168.30.1 GATEWAY=192.168.30.1 NETMASK=255.255.255.0 USERCTL=no Then connected a desktop to interface eth0 port using LAN cable and assigned 192.168.30.2/24 IP. When I try to ping 192.168.30.1 from 192.168.30.2 machine, It shows destination host unreachable. I am also not able to ping 192.168.130.2 from 192.168.30.1. However ping -I eth0 192.168.30.2 works fine. Any pointers?

    Read the article

  • Adding Facebook IPv6 to Centos, getting CurlException 7

    - by Nick
    I'm correctly get following error. After searching about this issue, correct me if i'm wrong, I believe that adding/configuring IPv6 should solve the problem. PHP Fatal error: Uncaught CurlException: 7: Failed to connect to 2a03:2880:10:8f02:face:b00c:0:26: Network is unreachable\n thrown in /var/www/vhosts/facedex.net/httpdocs/fb/apps/seemyfuture/src/base_facebook.php on line 886 The problem is I dont know the right way to add it. There seems to have may methods. http://tldp.org/HOWTO/Linux+IPv6-HOWTO/x1035.html#AEN1044 http://unix.stackexchange.com/questions/34093/static-ipv4-ipv6-configuration-on-centos-6-2 My netstat show this. Shell doesnt recogize -rn6 though.It shows invalid option -- 6 netstat -rn Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 27.254.38.128 0.0.0.0 255.255.255.128 U 0 0 0 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 0.0.0.0 27.254.38.254 0.0.0.0 UG 0 0 0 eth0 FYI: I'm using Centos 5.7. Thank you a lot in advance.

    Read the article

  • Proxy arp and 1:1 NAT

    - by daniel4er
    I have a Linux router with 2 NICs doing masquerade from network 192.168.0.0/24 to an ADSL router. users <----> NIC A [router] NIC B <----> INTERNET Now I'm experimenting with proxy arp on the NIC A to intercept all the IP requests in the network. I have a pool of addresses in the 192.168.0.0/24 network for this users. How can I translate, saythe IP10.0.0.64to192.168.0.64` in order to grant it internet access? I have already tried SNAT - DNAT, even I have written a NFQUEUE app to spoof the IP address with no luck.

    Read the article

  • IP6tables blocks INPUT? can't connect with youtube API

    - by klaas
    I thought to have a simple ipv6 firewall, but it turned out to be hell. Somehow I really can't connect with any ipv6 from my machine unless I set INPUT Policy to ACCEPT. Below my current ip6tables ip6tables -L Chain INPUT (policy DROP) target prot opt source destination ACCEPT all anywhere anywhere state RELATED,ESTABLISHED ACCEPT ipv6-icmp anywhere anywhere ACCEPT tcp anywhere anywhere tcp dpt:http ACCEPT tcp anywhere anywhere tcp dpt:https Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination If I try to connect with any ipv6 adres it doesn't work? telnet gdata.youtube.com 80 Trying 2a00:1450:4013:c00::76... OR telnet gdata.youtube.com 443 Trying 2a00:1450:4013:c00::76... When I set: ip6tables -P INPUT ACCEPT It works.. but then.. well then everything is open? what is going on? Help?

    Read the article

  • TPROXY Not working with HAProxy, Ubuntu 14.04

    - by Nyxynyx
    I'm trying to use HAProxy as a fully transparent proxy using TPROXY in Ubuntu 14.04. HAProxy will be setup on the first server with eth1 111.111.250.250 and eth0 10.111.128.134. The single balanced server has eth1 and eth0 as well. eth1 is the public facing network interface while eth0 is for the private network which both servers are in. Problem: I'm able to connect to the balanced server's port 1234 directly (via eth1) but am not able to reach the balanced server via Haproxy port 1234 (which redirects to 1234 via eth0). Am I missing out something in this configuration? On the HAProxy server The current kernel is: Linux extremehash-lb2 3.13.0-24-generic #46-Ubuntu SMP Thu Apr 10 19:11:08 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux The kernel appears to have TPROXY support: # grep TPROXY /boot/config-3.13.0-24-generic CONFIG_NETFILTER_XT_TARGET_TPROXY=m HAProxy was compiled with TPROXY support: haproxy -vv HA-Proxy version 1.5.3 2014/07/25 Copyright 2000-2014 Willy Tarreau <[email protected]> Build options : TARGET = linux26 CPU = x86_64 CC = gcc CFLAGS = -g -fno-strict-aliasing OPTIONS = USE_LINUX_TPROXY=1 USE_LIBCRYPT=1 USE_STATIC_PCRE=1 Default settings : maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents = 200 Encrypted password support via crypt(3): yes Built without zlib support (USE_ZLIB not set) Compression algorithms supported : identity Built without OpenSSL support (USE_OPENSSL not set) Built with PCRE version : 8.31 2012-07-06 PCRE library supports JIT : no (USE_PCRE_JIT not set) Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND Available polling systems : epoll : pref=300, test result OK poll : pref=200, test result OK select : pref=150, test result OK Total: 3 (3 usable), will use epoll. In /etc/haproxy/haproxy.cfg, I've configured a port to have the following options: listen test1235 :1234 mode tcp option tcplog balance leastconn source 0.0.0.0 usesrc clientip server balanced1 10.111.163.76:1234 check inter 5s rise 2 fall 4 weight 4 On the balanced server In /etc/networking/interfaces I've set the gateway for eth0 to be the HAProxy box 10.111.128.134 and restarted networking. auto eth0 eth1 iface eth0 inet static address 111.111.250.250 netmask 255.255.224.0 gateway 111.131.224.1 dns-nameservers 8.8.4.4 8.8.8.8 209.244.0.3 iface eth1 inet static address 10.111.163.76 netmask 255.255.0.0 gateway 10.111.128.134 ip route gives: default via 111.111.224.1 dev eth0 10.111.0.0/16 dev eth1 proto kernel scope link src 10.111.163.76 111.111.224.0/19 dev eth0 proto kernel scope link src 111.111.250.250

    Read the article

  • Nginx Reverse proxy + SYN Flood

    - by Bradley
    We're running a nginx reverse proxy cluster, forwarding traffic to our main website, this enables us to filter out unwanted traffic/users etc, and send them off else where, now we have a few issues with SYN floods where the requests a second is overflowing the proxy + the main server causing them to become unavailable. Is there any ip tables magic that can A) Rate limit SYN packets / connections to HTTP B) Block it all together if packets a second is malicious or any advice how to use limit_rate_zone in nginx, I've googled and tried to apply a few new results and none of them work and the websites are still unavailable.

    Read the article

  • IPSEC site-to-site Openswan to Cisco ASA

    - by Jim
    I recieved a list of commands that were run on the right side of the VPN tunnel which is where the Cisco ASA resides. On my side, I have a linux based firewall running debian with openswan installed. I am having an issue with getting to Phase 2 of the VPN negotiation. Here is the Cisco Information I was sent: {my_public_ip} = left side of connection tunnel-group {my_public_ip} type ipsec-l2l tunnel-group {my_public_ip} ipsec-attributes pre-shared-key fakefake crypto map vpn1 1 match add customer-ipsec crypto map vpn1 1 set peer {my_public_ip} crypto map vpn1 1 set transform-set aes-256-sha crypto map vpn1 interface outside static (outside,inside) 10.2.1.200 {my_public_ip} netmask 255.255.255.255 crypto ipsec transform-set aes-256-sha esp-aes-256 esp-sha-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto map vpn1 1 match address customer-ipsec crypto map vpn1 1 set peer {my_public_ip} crypto map vpn1 1 set transform-set aes-256-sha crypto map vpn1 interface outside crypto isakmp enable outside crypto isakmp policy 1 authentication pre-share encryption aes-256 hash sha group 2 lifetime 86400 Myside ipsec.conf config setup klipsdebug=none plutodebug=none protostack=netkey #nat_traversal=yes conn cisco #name of VPN connection type=tunnel authby=secret #left side (myside) left={myPublicIP} leftsubnet=172.16.250.0/24 #net subnet on left sdie to assign to right side leftnexthop=%defaultroute #right security gateway (ASA side) right={CiscoASA_publicIP} #cisco ASA rightsubnet=10.2.1.0/24 rightnexthop=%defaultroute #crypo stuff keyexchange=ike ikelifetime=86400s auth=esp pfs=no compress=no auto=start ipsec.secrets file {CiscoASA_publicIP} {myPublicIP}: PSK "fakefake" When I start ipsec from the left side/my side I don't recieve any errors, however when I run the ipsec auto --status command: 000 "cisco": 172.16.250.0/24==={left_public_ip}<{left_public_ip}>[+S=C]---{left_public_ip_gateway}...{left_public_ip_gateway}--{right_public_ip}<{right_public_ip}>[+S=C]===10.2.1.0/24; prospective erouted; eroute owner: #0 000 "cisco": myip=unset; hisip=unset; 000 "cisco": ike_life: 86400s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0 000 "cisco": policy: PSK+ENCRYPT+TUNNEL+UP+IKEv2ALLOW+SAREFTRACK+lKOD+rKOD; prio: 24,24; interface: eth0; 000 "cisco": newest ISAKMP SA: #0; newest IPsec SA: #0; 000 000 #2: "cisco":500 STATE_MAIN_I1 (sent MI1, expecting MR1); EVENT_RETRANSMIT in 10s; nodpd; idle; import:admin initiate 000 #2: pending Phase 2 for "cisco" replacing #0 Now I'm new to setting up an site-to-site IPSEC tunnel so the status informatino I am unsure what it means. All I know is it sits at this "pending Phase 2" and I can't ping the other side, Another question I have is, if I do a route -n, should I see anything relating to this connection? Also, I read a few artilcle where configs contained the interface="ipsec0=eth0", is this an interface that I have to create on the linux debian firewall on my side? Appreciate your time to look at this.

    Read the article

  • if I put accept all 0.0.0.0/0 means this server is totally open for any ip ?

    - by davyzhang
    ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 is this means allow all ip from all port? but I still can not visit the server except I go through the allowed ip address and if I put this line in any line, did I make this server totally open for any connection? the full iptable list is below Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 ACCEPT all -- 116.211.25.89 0.0.0.0/0 ACCEPT all -- 222.215.136.8 0.0.0.0/0 ACCEPT all -- 125.82.87.21 0.0.0.0/0 ACCEPT all -- 127.0.0.1 127.0.0.1 ACCEPT tcp -- 61.172.251.109 0.0.0.0/0 tcp spt:8080 ACCEPT tcp -- 61.172.254.123 0.0.0.0/0 tcp spt:8080 ACCEPT tcp -- 61.129.44.191 0.0.0.0/0 ACCEPT tcp -- 61.129.44.128 0.0.0.0/0 ACCEPT tcp -- 61.172.251.109 0.0.0.0/0 tcp spt:8080 ACCEPT tcp -- 61.172.254.123 0.0.0.0/0 tcp spt:8080 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 0 ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 8 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:53 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:53 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp spt:123 ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 udp dpt:123 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:20 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:21 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:80 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:88 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:8000 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:8080 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:8888 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:873 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:6969 ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp spt:6900 ACCEPT tcp -- 61.172.241.98 0.0.0.0/0 ACCEPT tcp -- 61.172.247.98 0.0.0.0/0 ACCEPT tcp -- 61.172.247.100 0.0.0.0/0 ACCEPT tcp -- 61.152.122.33 0.0.0.0/0 ACCEPT tcp -- 61.152.110.130 0.0.0.0/0 ACCEPT tcp -- 210.51.28.220 0.0.0.0/0 ACCEPT tcp -- 210.51.28.120 0.0.0.0/0 ACCEPT tcp -- 61.172.241.120 0.0.0.0/0 ACCEPT tcp -- 211.147.0.85 0.0.0.0/0 ACCEPT tcp -- 211.147.0.114 0.0.0.0/0 ACCEPT tcp -- 222.73.61.249 0.0.0.0/0 ACCEPT tcp -- 222.73.61.250 0.0.0.0/0 ACCEPT tcp -- 222.73.61.251 0.0.0.0/0 ACCEPT tcp -- 210.51.31.11 0.0.0.0/0 tcp dpt:38422 ACCEPT tcp -- 210.51.31.12 0.0.0.0/0 tcp dpt:38422 ACCEPT tcp -- 61.172.254.123 0.0.0.0/0 tcp spt:8080 ACCEPT tcp -- 61.172.251.109 0.0.0.0/0 tcp spt:8080 ACCEPT tcp -- 61.172.247.85 0.0.0.0/0 ACCEPT tcp -- 222.73.12.248 0.0.0.0/0 ACCEPT tcp -- 61.172.254.184 0.0.0.0/0 ACCEPT tcp -- 61.172.254.78 0.0.0.0/0 ACCEPT tcp -- 61.172.254.243 0.0.0.0/0 ACCEPT tcp -- 61.152.97.115 0.0.0.0/0 ACCEPT tcp -- 221.231.128.206 0.0.0.0/0 ACCEPT tcp -- 221.231.130.199 0.0.0.0/0 ACCEPT udp -- 172.0.0.0/8 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 10.0.0.0/8 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 192.168.0.0/16 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 61.172.252.58 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 61.183.13.201 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 222.73.2.11 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 221.208.157.158 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 218.30.74.250 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 202.102.54.234 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 125.64.2.115 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 222.73.23.23 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 210.51.33.97 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 210.51.33.98 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 222.73.11.112 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 222.73.11.111 0.0.0.0/0 udp dpt:161 ACCEPT udp -- 222.73.11.89 0.0.0.0/0 udp spt:38514 DROP tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt:38423 REJECT tcp -- 0.0.0.0/0 0.0.0.0/0 reject-with tcp-reset DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain FORWARD (policy ACCEPT) target prot opt source destination DROP all -- 0.0.0.0/0 0.0.0.0/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination ACCEPT udp -- 0.0.0.0/0 222.73.11.89 udp dpt:38514

    Read the article

  • DHCP request error. Send_packet now permitted, How to debug, What does it mean

    - by Sparsh Gupta
    Hello I recently installed CSF firewall and have made live a new server which is accepting around 600req/second. Its basically a reverse proxy and I found in pingdom and munin that for a particular time, the response times of the server increased by 3 folds. I looked into logs and exactly at that point, I found loads of entries like this: Feb 27 15:22:09 li235-57 dhclient: DHCPREQUEST of <My IP address> on eth0 to 207.192.68.72 port 67 Feb 27 15:22:09 li235-57 dhclient: send_packet: Operation not permitted Can you help me understand what went wrong and what exactly happened. Is there any settings I should change in CSF or any pointer to debug this further Thanks

    Read the article

  • Limiting interface bandwidth with tc under Linux

    - by Matt
    I have a linux router which has a 10GBe interface on the outside and bonded Gigabit ethernet interfaces on the inside. We have currently budget for 2GBit/s. If we exceed that rate by more than 5% average for a month then we'll be charged for the whole 10Gbit/s capacity. Quite a step up in dollar terms. So, I want to limit this to 2GBit/s on 10GBe interface. TBF filter might be ideal, but this comment is of concern. On all platforms except for Alpha, it is able to shape up to 1mbit/s of normal traffic with ideal minimal burstiness, sending out data exactly at the configured rates. Should I be using TBF or some other filter to apply this rate to the interface and how would I do it. I don't understand the example given here: Traffic Control HOWTO In particular "Example 9. Creating a 256kbit/s TBF" tc qdisc add dev eth0 handle 1:0 root dsmark indices 1 default_index 0 tc qdisc add dev eth0 handle 2:0 parent 1:0 tbf burst 20480 limit 20480 mtu 1514 rate 32000bps How is the 256K bit/s rate calculated? In this example, 32000bps = 32k bytes per second. Since tc uses bps = bytes per second. I guess burst and limit come into play but how would you go about choosing sensible numbers to reach the desired rate? This is not a mistake. I tested this and it gave a rate close to 256K but not exactly that.

    Read the article

  • Linux Transparent Bridge for Network

    - by Blackninja543
    I am attempting to set up a semi-transparent bridge. I say semi because I want it to act as a transparent tap for all traffic moving through both sides of the bridge. What I also want is to have the "green zone" accessible to a web interface for the bridge that will display all results of the IDS and other network monitoring tools. My example would be as such: eth0 <--> bridge(br0) <--> eth1 The entire network would be on the same subset however anything coming from eth0 to eth1 would be accepted. The only time anything would be drop is if the eth0 attempted to access br0. If someone attempts to access the web interface on br0 through eth1 it will succeed. My biggest problem I feel is if I attempt to block anything from eth0 to br0 this will drop the bridge all together.

    Read the article

  • Routing only some local IPs through VPN on dd-wrt

    - by bo-inge-ostberg
    Much similar to this entry: http://serverfault.com/questions/94283/using-dd-wrt-to-connect-to-vpn-and-forward-all-traffic-of-certain-devices-through , I have set up my router with dd-wrt + OpenVPN to connect to a VPN. This works fine, and all traffic from behind the router goes through the VPN. How do I route(?) traffic in the router so that only certain IPs from the LAN will go through the VPN, while the others take the "normal" route? Is it also possible to allow traffic from certain local IPs to go ONLY through the VPN, making it impossible for them to use the regular internet connection if the VPN is down? I know this question was answered in the post I linked to, but that just doesn't seem to work for me. The routing table and rules change, but traffic still just goes through the VPN.

    Read the article

  • Linux box acting as wireless access point to share the internet connection

    - by Suresh
    A linux machine is connected to internet over two interfaces ppp0 and ppp1 using two modems. Also this machine acts as wireless access point through an interface say, eth0 with ip address 192.168.1.1 and acts as gateway for the connected devices through this network with subnet mask 255.255.255.0 Now is it possible to achieve the following: When any of the connected devices through wireless AP needs internet connection linux machine has to use ppp1 interface for internet. If any of the applications on the linux machine needs internet connection linux machine should use ppp0 interface for the internet. Can this be achieved by adding rules to chains in filter/nat tables? If the kernel routing table has a default rule to route the default traffic through interface ppp0, wil kernel completely ignore ppp1 for internet? PS: new to networking and routing concepts, If the question is not clear leave a comment, will try to give more information.

    Read the article

  • ULogd2.x - Documents - IPFIX data generation

    - by Gomathivinayagam
    I would like to generate IPFIX data from the packets that are coming to my local system as part of experimentation. It seems ULogd is a good tool to do that. I am able to capture PCAP data. But there are very less documents available on ULogd2.x about IPFIX format data generation.(There are very few examples provided in ulogd.conf). Can you provide me any links that describes about how to generate IPFIX data using ulogd2.x? 1) What are the options available? I saw there is polling interval configuration. But I have no idea how does it work? 2) If I set hash_enable = 0, and uncomment the polling_interval value, I'm getting an exception as NFCT plugin requires hash table, evne though I have specified hash_buckets and hash_max_entries. Could you help on this? 3) In general, I would like to know how NFCT plugin works in ulogd2.x. I sent mail to ulogd mailing list, but there are no replies. Could you shed some light?

    Read the article

  • Can i safely block all ports on my sever

    - by Saif Bechan
    I have a web server running pleks and get attacked a lot every day. I configured a firewall, and there are some predefined services such as www, and ftp, etc. I am planning to block all the ports except for the www port and the PLESK port. When I need ftp or ssh access for example i will open the ports in PLESK and then start to work. Is this a good thing to do or are there some downsides on doing this. There are some ports I am not sure of, such as SMTP,POP3,IMAP, DNS. Can i close these ports or is there no need to do so.

    Read the article

  • Duplicate incoming TCP traffic on Debian Squeeze

    - by Erwan Queffélec
    I have to test a homebrew server that accepts a lot of incoming TCP traffic on a single port. The protocol is homebrew as well. For testing purposes, I'd like to send this traffic both : - to the production server (say, listening on port 12345) - to the test server (say, listening on port 23456) My clients apps are "dumb" : they never read data back, and the server never replies anyway, my server only accepts connections, and do statistical computations and store/forward/service both raw and computed data. Actually, client apps and hardware are so simple there is no way I can tell clients to send their stream on both servers... And using "fake" clients is not good enough. What could be the simplest solution ? I can of course write an intermediary app that just copy incoming data and send it back to the testing server, pretending to be the client. I have a single server running Squeeze and have total control over it. Thanks in advance for your replies.

    Read the article

  • Where do I learn about IP blocks and subnets? Or is there just a calculator that does it all for me?

    - by cwd
    Amazon's elastic compute tool (among others) requires the ip block format for their command: ec2-authorize websrv -P tcp -p 80 -s 205.192.0.0/16 I may be doing this wrong, but as far as I can tell I need to use the block format even for a single IP address. 1) So, how would I do that for this IP? 71.75.232.132 Several years ago I took a CCNA class, and I remember going over IPs and subnets, masks, broadcast addresses, class a/b/c networks, etc. However a lot seems to have changed since then - for example I don't think you can tell what "class" a network is in just by looking at it anymore - sometimes they could be multiple classes. 2) Anyhow, my second question is where do I go to get a refresher on all these things? 3) Or should I just be using ipcalc or an online calculator to do it all for me - and if so, which one?

    Read the article

  • how can make transparent proxy on more than one port?

    - by ermya
    i want to make transparent proxy with linux ( centos) , i want all incoming connection on port 1000 - 2000 on eth0 forward to eth1 on port 1000 - 2000 in transparent mode i have 2 server 1- linux ( proxy server) 2- windows i want protect my windows server with my linux server firewall also i must make transparent proxy with my linux server linux server have 2 interface one for public network an another for private network connected to windows server so all incoming connection must connect to the linux server (at eth0 public network) first and after checking , must forward to the windows server on private network (with linux interface eth1 ) i can use squid for making transparent proxy but i dont know how i must config the squid for multi port because i want listen in more than 1000 ports for example from port 1000 to 2000 anyone know how can i do ?

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 23 24 25 26 27 28 29 30 31 32 33 34  | Next Page >