Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
I would like to delete POSTROUTING rule below,
[root#hostname ~]# service iptables status
Table: nat
Chain PREROUTING (policy ACCEPT)
num target prot opt source destination
Chain POSTROUTING (policy ACCEPT)
num target prot opt source destination
1 MASQUERADE all -- 192.168.1.0/24 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
num target prot opt source destination
then I typed below,
[root#hostname ~]# iptables -D POSTROUTING 1
iptables: No chain/target/match by that name
Is there anything wrong?
Try adding the table name explicitly:
iptables -t nat -D POSTROUTING 1
Related
I am trying to use this tutorial to connect to the internet from the BeagleBone Black: https://elementztechblog.wordpress.com/2014/12/22/sharing-internet-using-network-over-usb-in-beaglebone-black/
The IpTables steps do not seem to yield the correct configuration. For example:
iptables --table nat -A POSTROUTING -o wlp2s0 -j MASQUERADE
creates the following configuration:
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- localhost/16 anywhere
MASQUERADE all -- anywhere anywhere
Why do I have anywhere as destination when I clearly specify wlp2s0 ? Can anyone please help ?
iptables -t nat -L doesn't seem to show additional information like interfaces.
While it's meant to be for save/restore and machine-readable, I much prefer the output of iptables-save due to its completeness.
In your case this should show you the complete configuration for the "nat" table:
iptables-save -t nat
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 4 years ago.
Improve this question
I have changed ssh default port to 2020, And add iptable rule in order to allow incoming traffic on that port using below command.
iptables -A INPUT -p tcp -m tcp --dport 2020 -j ACCEPT
And i would like to block all other ports on the server. And use below command after allowing ssh. All session are closed. How can i fix it.
iptables -P INPUT DROP
iptables -P OUTPUT DROP
You may need to enable OUTPUT
iptables -P INPUT ACCEPT
iptables -P OUTPUT ACCEPT
iptables -F
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 2020 -j ACCEPT
iptables -A OUTPUT -p tcp -m tcp --sport 2020 -j ACCEPT
iptables -P INPUT DROP
iptables -P OUTPUT DROP
I had a DDOS today on a webserver running debian sequeeze and blocked various IP-Adresses in iptables like so:
iptables -A INPUT -s 169.50.5.42 -j DROP
But it seems to not being dropping the traffic from these ip.
Listing all rules with iptables -L gives the following output:
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh
fail2ban-pureftpd tcp -- anywhere anywhere multiport dports ftp
fail2ban-dovecot-pop3imap tcp -- anywhere anywhere multiport dports pop3,pop3s,imap2,imaps
DROP all -- 169.50.5.42-static.reverse.softlayer.com anywhere
DROP all -- 169.50.5.45-static.reverse.softlayer.com anywhere
DROP all -- 169.50.5.37-static.reverse.softlayer.com anywhere
DROP all -- 169.50.5.36-static.reverse.softlayer.com anywhere
DROP all -- 169.50.5.38-static.reverse.softlayer.com anywhere
DROP all -- 169.50.5.39-static.reverse.softlayer.com anywhere
DROP all -- 169.50.5.45-static.reverse.softlayer.com anywhere
DROP all -- 169.50.5.42-static.reverse.softlayer.com anywhere
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Chain fail2ban-dovecot-pop3imap (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-pureftpd (1 references)
target prot opt source destination
RETURN all -- anywhere anywhere
Chain fail2ban-ssh (1 references)
target prot opt source destination
DROP all -- 43.229.53.60 anywhere
RETURN all -- anywhere anywhere
Is there something that i missed?
I can answer myself. Apparently it needs some time to apply all changes internally. After one minute or so the rules are working.
A have a simple question about iptables. I have a centos machine with the following content in /etc/sysconfig/iptables:
# Generated by iptables-save v1.4.7 on Tue Dec 17 14:19:35 2013
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [2774:229756]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
but when I type iptables -L at the shell prompt, I see this:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
why do I see a the chains without rules? what's the behavior of iptables in this case?
thanks in advance
It is likely that your rules have been flushed a la:
iptables -F
Each change made by editing /etc/sysconfig/iptables will not be active until you restart the iptables service.
service iptables restart
If you wish to add rules "on-the-fly" you will need to use the iptables command to do it.
iptables -A INPUT -j LOG --log-prefix "Logging"
now when you do:
iptables -L
you will see your new rule immmediately
Do you have firewallD started? Seems in case I have installed firrewallD and it is not active and iptables yes,
iptables -L
Shows no rules..
After started firewalld all rules are then shown again.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
I have firewall rule that should accept all the connections, but drop connections from a ssh brute force attack (except 10.0.0.0/8 range). This rule will block an IP if it attempts more than 24 connections per 10minute.
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp --dport 22 -s ! 10.0.0.0/8 -m state --state NEW -m recent --set --name SSH
-A INPUT -p tcp --dport 22 -s ! 10.0.0.0/8 -m state --state NEW -m recent --update --seconds 600 --hitcount 25 --rttl --name SSH -j DROP
-A INPUT -j ACCEPT
-A FORWARD -j ACCEPT
COMMIT
It errors out when I try to start iptables as bad arguement.
iptables: Applying firewall rules: Bad argument `10.0.0.0/8'
This was talked before in SF. iptables changed the way it accept parameters. Now the bang should be before the parameter, so your lines becomes this:
-A INPUT -p tcp --dport 22 ! -s 10.0.0.0/8 -m state --state NEW -m recent --set --name SSH
-A INPUT -p tcp --dport 22 ! -s 10.0.0.0/8 -m state --state NEW -m recent --update --seconds 600 --hitcount 25 --rttl --name SSH -j DROP
And yes, every blog in internet is wrong.