Re: docker and iptables

2023-10-23 Thread Jeffrey Walton
used. > > https://docs.docker.com/network/#the-world > > You should be using firewalld to limit access to services running in docker, > as described here: > > https://docs.docker.com/network/packet-filtering-firewalls/#integration-with-firewalld > > Indeed. Fedor

Re: docker and iptables

2023-10-23 Thread Joe Zeff
On 10/23/2023 09:54 PM, Tim via users wrote: I had to set a password for some in-store credit card, later on I had to tell them "th!sTh1ngreallysucks" to a person when it wouldn't work. Back when I was doing tech support for an ISP, they had password protected web pages that were only accessib

Re: docker and iptables

2023-10-23 Thread Tim via users
On Fri, 2023-10-20 at 10:42 -0600, Joe Zeff wrote: > I used to house sit for Jerry Pournelle, and you might consider > something like his WiFi password: ThisIsAVeryLongPassword I had to set a password for some in-store credit card, later on I had to tell them "th!sTh1ngreallysucks" to a person wh

Re: docker and iptables

2023-10-23 Thread Thomas Cameron via users
On 10/20/23 11:42, Joe Zeff wrote: On 10/20/2023 01:39 AM, jdow wrote: I bet something as simple as "horsehair" is far enough down the guess list that the probability of a successful attack is out at way more time than I have life left. When you can put time on your side life's great. I used

Re: docker and iptables

2023-10-20 Thread jdow
On 20231020 09:42:25, Joe Zeff wrote: On 10/20/2023 01:39 AM, jdow wrote: I bet something as simple as "horsehair" is far enough down the guess list that the probability of a successful attack is out at way more time than I have life left. When you can put time on your side life's great. I us

Re: docker and iptables

2023-10-20 Thread Joe Zeff
On 10/20/2023 01:39 AM, jdow wrote: I bet something as simple as "horsehair" is far enough down the guess list that the probability of a successful attack is out at way more time than I have life left. When you can put time on your side life's great. I used to house sit for Jerry Pournelle, an

Re: docker and iptables

2023-10-20 Thread jdow
ss to services running in docker, as described here: https://docs.docker.com/network/packet-filtering-firewalls/#integration-with-firewalld Indeed.  Fedora deprecated iptables a while ago.  It uses nftables now with firewalld being used to configure it. And finally you can even set up a filt

Re: docker and iptables

2023-10-19 Thread David King
s described here: https://docs.docker.com/network/packet-filtering-firewalls/#integration-with-firewalld Indeed.  Fedora deprecated iptables a while ago.  It uses nftables now with firewalld being used to configure it. -- David King dave at daveking dot com _

Re: docker and iptables

2023-10-19 Thread Jonathan Billings
On Oct 19, 2023, at 10:05, Alex wrote: > I'm using docker on fedora38 and can't figure out how to prevent port 8080 > from being available to the outside world. I've done quite a bit of reading > on this, and it appears I'm not the only one having trouble figuring this > out. This docker doc a

Re: docker and iptables

2023-10-19 Thread Alex
Hi, On Thu, Oct 19, 2023 at 11:54 AM Doug Herr wrote: > On Thu, Oct 19, 2023, at 7:05 AM, Alex wrote: > > Hi, > > > > I'm using docker on fedora38 and can't figure out how to prevent port > > 8080 from being available to the outside world. I've done quite a bit > > of reading on this, and it ap

Re: docker and iptables

2023-10-19 Thread Doug Herr
On Thu, Oct 19, 2023, at 7:05 AM, Alex wrote: > Hi, > > I'm using docker on fedora38 and can't figure out how to prevent port > 8080 from being available to the outside world. I've done quite a bit > of reading on this, and it appears I'm not the only one having trouble > figuring this out. This

docker and iptables

2023-10-19 Thread Alex
Hi, I'm using docker on fedora38 and can't figure out how to prevent port 8080 from being available to the outside world. I've done quite a bit of reading on this, and it appears I'm not the only one having trouble figuring this out. This docker doc appears to indicate it shouldn't be listening on

Re: iptables --> nftables?

2022-12-20 Thread ToddAndMargo via users
> On 20/12/2022 05.01, ToddAndMargo via users wrote: >> Hi All, >> >> Anyone have a favorite how to migrate >> iptables to nftables? >> >> I found this so far: >> >> https://wiki.nftables.org/wiki-nftables/index.php/Moving_from_iptables_to_nfta

Re: iptables --> nftables?

2022-12-19 Thread fedora
This was valid in 2016 for Fedora and Centos 7: In the package iptables-nft you will find the following conversion programs: iptables-to-nft-conversion iptables-restore-translate (RUN AS ROOT) ** https://wiki.nftables.org/wiki-nftables/index.php/Main_Page suomi On 20/12/2022 05.01

iptables --> nftables?

2022-12-19 Thread ToddAndMargo via users
Hi All, Anyone have a favorite how to migrate iptables to nftables? I found this so far: https://wiki.nftables.org/wiki-nftables/index.php/Moving_from_iptables_to_nftables I'd rather one specifically with Fedora in mind. Many thanks, -T -- ~~ Comp

Re: iptables-restore-translate

2022-02-24 Thread fedora
Bonjour François I have created a note in 2016 (apparently when I changed from iptables to nftables): The package for the conversion program is iptables-nft. The program is iptables-restore-translate. suomi On 24/02/2022 14.52, François Patte wrote: Bonjour, I would like to move from

iptables-restore-translate

2022-02-24 Thread François Patte
Bonjour, I would like to move from iptables to nftables which seems to be the nowadays firewall and there were an app to translate iptables rules into nftables rules, but some (clever) packager seems to have withdrawn this command from the iptables-compat package which installed on my f34

Re: Iptables->Firewalld Upgrade: Really Necessary?

2019-07-21 Thread Łukasz Posadowski
On Sat, 20 Jul 2019 06:53:56 +0800 Ed Greshko wrote: > On 7/20/19 6:20 AM, Tim Evans wrote: > > Installing F30, adding iptables and my current ruleset, and > > disabling firewalld looks very simple and quick. Why shouldn't I do > > it? > > > > If ne

Re: Iptables->Firewalld Upgrade: Really Necessary?

2019-07-20 Thread Francis . Montagnac
Hi On Fri, 19 Jul 2019 18:20:35 -0400 Tim Evans wrote: > I really, really need to figure out how to port my iptables ruleset to > work with firewalld. You may try first to port your iptables by using the "Direct Options" that provides firewall-cmd. I plan to use it for a wh

Re: Iptables->Firewalld Upgrade: Really Necessary?

2019-07-19 Thread Samuel Sieb
On 7/19/19 3:20 PM, Tim Evans wrote: I'm planning on upgrading that system to Fedora 30, and am wondering if I really, really need to figure out how to port my iptables ruleset to work with firewalld.  Other than the need to be up to date (I am originally from Kansas City), what&#

Re: Iptables->Firewalld Upgrade: Really Necessary?

2019-07-19 Thread Tom Horsley
On Fri, 19 Jul 2019 18:20:35 -0400 Tim Evans wrote: > wondering if > I really, really need to figure out how to port my iptables ruleset to > work with firewalld Nope, not yet. Just disable every service that has firewall in the name systemctl list-unit-files | fgrep -i firewall Th

Re: Iptables->Firewalld Upgrade: Really Necessary?

2019-07-19 Thread Ed Greshko
On 7/20/19 6:20 AM, Tim Evans wrote: > I've been running a CentOS 6.x firewall/NAT router, using iptables for many > years.  My > very simple iptables ruleset is based on the venerable Oskar Andreasson > tutorial > (https://www.frozentux.net/iptables-tutorial/iptables-tut

Iptables->Firewalld Upgrade: Really Necessary?

2019-07-19 Thread Tim Evans
I've been running a CentOS 6.x firewall/NAT router, using iptables for many years. My very simple iptables ruleset is based on the venerable Oskar Andreasson tutorial (https://www.frozentux.net/iptables-tutorial/iptables-tutorial.html). I'm planning on upgrading that system to

Re: I need iptables ftp nat help

2018-08-26 Thread ToddAndMargo
On 08/24/2018 08:59 PM, ToddAndMargo wrote: 3) in /etc/modprobe.d/iptables.conf add nf_conntrack_ftp ports=21 options nf_conntrack_ftp ports=21 ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-

Re: I need iptables ftp nat help

2018-08-24 Thread ToddAndMargo
to track ftp's high port with Fedora and iptables: Problem: iptables will not automatically track ftp's high ports (firewalld will). Note: RHEL used ip_conntrack_ftp, and ip_nat_ftp These have been superseded by nf_conntrack_ftp nf_conntrack_tftp nf_nat_ftp nf_na

Re: I need iptables ftp nat help

2018-08-24 Thread ToddAndMargo
My notes, so no one else has to go through this crap: How to track ftp's high port with Fedora and iptables: Problem: iptables will not automatically track ftp's high ports (firewalld will). Note: RHEL used ip_conntrack_ftp, and ip_nat_ftp These have been sup

Re: I need iptables ftp nat help

2018-08-24 Thread ToddAndMargo
er? Hi Samuel, Firewalld takes care of this stuff automatically. For a custom iptables firewall to track an ftp client's high ports, you have to implement my solution. If not, you get: Aug 22 16:12:09 rn6 kernel: dsl-out Everything Else IN= OUT=eno2 SRC=192.168.xxx.yyy DST=208.106.xxx.yyy

Re: I need iptables ftp nat help

2018-08-24 Thread ToddAndMargo
On 08/24/2018 04:22 PM, Samuel Sieb wrote: On 08/24/2018 04:01 PM, ToddAndMargo wrote: Please explain what you are trying to do and what is not working. I am trying to get iptables to track ftp's usage of high ports. And I did figure it out. See my followup to this thread. It was r

Re: I need iptables ftp nat help

2018-08-24 Thread Samuel Sieb
On 08/24/2018 04:10 PM, ToddAndMargo wrote: # vi /etc/modprobe.d/iptables.conf options nf_conntrack_ftp ports=21 # systemctl restart iptables. Problem solved Ok, that's great. But I'm still curious about why you need connection tracking working. Perhaps I was misled in thinkin

Re: I need iptables ftp nat help

2018-08-24 Thread Samuel Sieb
showing? Which is iptables not tracking the high ports ftp uses.  And that has not changed since I posted. Why do you need it tracked? What is the problem you are trying to solve? Maybe show the iptables rules you are trying to implement?

Re: I need iptables ftp nat help

2018-08-24 Thread Samuel Sieb
On 08/24/2018 04:01 PM, ToddAndMargo wrote: I modprobe'ed all four in. They showed in `lsmod | grep ftp` I ran a    systemctl restart iptables No joy. ? Then I rebooted.  Now     `lsmod | grep ftp` show nothing. Please explain what you are trying to do and what is not wo

Re: I need iptables ftp nat help

2018-08-24 Thread ToddAndMargo
On 08/22/2018 03:47 PM, ToddAndMargo wrote: Hi All, My iptables firewall ported from RHEL won't connect to ftp sites and throws this error (written by me years ago):     WARNING: active FTP rules have been selected but one or     more necessary modules have not been detected     In

Re: I need iptables ftp nat help

2018-08-24 Thread ToddAndMargo
lve.  Please do that. I just figured out I should be using modprobe and not insmod. I have iptables-config set to IPTABLES_MODULES=nf_conntrack_ftp nf_conntrack_tftp nf_nat_ftp nf_nat_tftp I will reboot and try again. The actual problem is Aug 22 16:12:09 rn6 kernel: dsl-out Everything El

Re: I need iptables ftp nat help

2018-08-24 Thread ToddAndMargo
described the actual problem you are trying to solve.  Please do that. I just figured out I should be using modprobe and not insmod. I have iptables-config set to IPTABLES_MODULES=nf_conntrack_ftp nf_conntrack_tftp nf_nat_ftp nf_nat_tftp I will reboot and try again. The actual problem is Aug 22

Re: I need iptables ftp nat help

2018-08-24 Thread Samuel Sieb
On 08/24/2018 03:23 PM, ToddAndMargo wrote: # insmod nf_conntrack_ftp insmod: ERROR: could not load module nf_conntrack_ftp: No such file or directory That's because you didn't specify an actual file. Try passing the entire path to the module. But the proper way is to use "modprobe nf_conn

Re: I need iptables ftp nat help

2018-08-24 Thread ToddAndMargo
On 08/24/2018 02:32 PM, Mike Wright wrote: sudo iptables-save > iptables.rules # iptables --list | wc -l 244 Here is a hint: # ls /lib/modules/`uname -r`/kernel/net/netfilter | grep ftp nf_conntrack_ftp.ko.xz nf_conntrack_tftp.ko.xz nf_nat_ftp.ko.xz nf_nat_tftp.ko.xz # ins

Re: I need iptables ftp nat help

2018-08-24 Thread Ed Greshko
run firewalld and I can tell you that if I do an "iptables -L" there is nothing that seems related to ftp. But The IP address of ftp.yzu.edu.tw is 140.138.144.170.  So. [egreshko@meimei ~]$ sudo conntrack -L | grep 144 conntrack v1.4.4 (conntrack-tools): 10 flow entries ha

Re: I need iptables ftp nat help

2018-08-24 Thread Mike Wright
On 08/24/2018 02:18 PM, ToddAndMargo wrote: On 08/24/2018 09:23 AM, Mike Wright wrote: My *hunch* is that you are running firewalld and that the default rules for firewalld changed between RHEL and fedora.  Mind you, beneath firewalld lies, you guessed it, iptables. Execute:    firewall

Re: I need iptables ftp nat help

2018-08-24 Thread ToddAndMargo
On 08/24/2018 09:35 AM, Rick Stevens wrote: Here are my "passive rules" # ftp passive mode (browser) stuff. Note: ftp_conntrack module is required, e.g.: # /etc/sysconfig/iptables-config: # IPTABLES_MODULES="ip_conntrack_ftp" # $tbls -A dsl-out -o $eth1 -p tcp -

Re: I need iptables ftp nat help

2018-08-24 Thread ToddAndMargo
On 08/24/2018 09:23 AM, Mike Wright wrote: My *hunch* is that you are running firewalld and that the default rules for firewalld changed between RHEL and fedora.  Mind you, beneath firewalld lies, you guessed it, iptables. Execute:   firewall-cmd --state   echo $? $ firewall-cmd

Re: I need iptables ftp nat help

2018-08-24 Thread Rick Stevens
t; >>>>> Just ftp client and I want to support both active and passive mode >>>>> >>>> >>>> This covers both: >>>> >>>> http://www.devops-blog.net/iptables/iptables-settings-for-outgoing-ftp >>>> >>>> :m

Re: I need iptables ftp nat help

2018-08-24 Thread Mike Wright
This covers both: http://www.devops-blog.net/iptables/iptables-settings-for-outgoing-ftp :m Hi Mike, That is a description of what is happening. I am looking for Fedora specific iptables instructions. iptables rules are processed by the kernel.  They are distribution agnostic. :m Yippee

Re: I need iptables ftp nat help

2018-08-23 Thread Todd Chester
/iptables/iptables-settings-for-outgoing-ftp :m Hi Mike, That is a description of what is happening. I am looking for Fedora specific iptables instructions. iptables rules are processed by the kernel.  They are distribution agnostic. :m Yippee!! I still the directions. What worked on

Re: I need iptables ftp nat help

2018-08-23 Thread Mike Wright
On 08/23/2018 11:50 AM, ToddAndMargo wrote: On 08/23/2018 11:41 AM, Mike Wright wrote: On 08/23/2018 11:23 AM, ToddAndMargo wrote: Just ftp client and I want to support both active and passive mode This covers both: http://www.devops-blog.net/iptables/iptables-settings-for-outgoing-ftp

Re: I need iptables ftp nat help

2018-08-23 Thread ToddAndMargo
On 08/23/2018 11:41 AM, Mike Wright wrote: On 08/23/2018 11:23 AM, ToddAndMargo wrote: Just ftp client and I want to support both active and passive mode This covers both: http://www.devops-blog.net/iptables/iptables-settings-for-outgoing-ftp :m Hi Mike, That is a description of what

Re: I need iptables ftp nat help

2018-08-23 Thread Mike Wright
On 08/23/2018 11:23 AM, ToddAndMargo wrote: Just ftp client and I want to support both active and passive mode This covers both: http://www.devops-blog.net/iptables/iptables-settings-for-outgoing-ftp :m

Re: I need iptables ftp nat help

2018-08-23 Thread Mike Wright
On 08/23/2018 11:23 AM, ToddAndMargo wrote: On 08/23/2018 11:10 AM, Rick Stevens wrote: On 08/22/2018 06:00 PM, ToddAndMargo wrote: On 08/22/2018 04:37 PM, Ed Greshko wrote: On 08/23/18 06:47, ToddAndMargo wrote: Hi All, My iptables firewall ported from RHEL won't connect to ftp site

Re: I need iptables ftp nat help

2018-08-23 Thread ToddAndMargo
On 08/23/2018 11:10 AM, Rick Stevens wrote: On 08/22/2018 06:00 PM, ToddAndMargo wrote: On 08/22/2018 04:37 PM, Ed Greshko wrote: On 08/23/18 06:47, ToddAndMargo wrote: Hi All, My iptables firewall ported from RHEL won't connect to ftp sites and throws this error (written by me year

Re: I need iptables ftp nat help

2018-08-23 Thread Rick Stevens
On 08/22/2018 06:00 PM, ToddAndMargo wrote: > On 08/22/2018 04:37 PM, Ed Greshko wrote: >> On 08/23/18 06:47, ToddAndMargo wrote: >>> Hi All, >>> >>> My iptables firewall ported from RHEL won't connect to ftp sites >>> and throws this error (

Re: I need iptables ftp nat help

2018-08-22 Thread ToddAndMargo
On 08/22/2018 04:37 PM, Ed Greshko wrote: On 08/23/18 06:47, ToddAndMargo wrote: Hi All, My iptables firewall ported from RHEL won't connect to ftp sites and throws this error (written by me years ago):     WARNING: active FTP rules have been selected but one or     more necessary mo

Re: I need iptables ftp nat help

2018-08-22 Thread Ed Greshko
On 08/23/18 06:47, ToddAndMargo wrote: > Hi All, > > My iptables firewall ported from RHEL won't connect to ftp sites > and throws this error (written by me years ago): > > >     WARNING: active FTP rules have been selected but one or >     more necessary modules have

Re: I need iptables ftp nat help

2018-08-22 Thread ToddAndMargo
On 08/22/2018 03:59 PM, Rick Stevens wrote: On 08/22/2018 03:47 PM, ToddAndMargo wrote: Hi All, My iptables firewall ported from RHEL won't connect to ftp sites and throws this error (written by me years ago):     WARNING: active FTP rules have been selected but one or     more nece

Re: I need iptables ftp nat help

2018-08-22 Thread Rick Stevens
On 08/22/2018 03:47 PM, ToddAndMargo wrote: > Hi All, > > My iptables firewall ported from RHEL won't connect to ftp sites > and throws this error (written by me years ago): > > >     WARNING: active FTP rules have been selected but one or >     more necessary m

I need iptables ftp nat help

2018-08-22 Thread ToddAndMargo
Hi All, My iptables firewall ported from RHEL won't connect to ftp sites and throws this error (written by me years ago): WARNING: active FTP rules have been selected but one or more necessary modules have not been detected In /etc/sysconfig/iptables-config, you mus

Re: Iptables rules dont copy to vsphere clone template

2018-04-25 Thread Rick Stevens
On 04/25/2018 05:03 AM, Elham Sadat Azarian via users wrote: > Hi > I set a rule in iptables(firewall-cmd) and try to clone a template from my > server with vsphere. but my template didn't inherit these rules! > what's the problem? Are you certain you made the rule permanent? If it

Iptables rules dont copy to vsphere clone template

2018-04-25 Thread Elham Sadat Azarian via users
Hi I set a rule in iptables(firewall-cmd) and try to clone a template from my server with vsphere. but my template didn't inherit these rules! what's the problem? thanks

Re: F27 - fail2ban not adding iptables chains

2018-01-09 Thread John Horne
On Thu, 2017-11-30 at 14:30 +, John Horne wrote: > Hello, > > I recently upgraded my PC from F26 to F27, and noticed that fail2ban was not > adding the configured chains to iptables. This worked fine at F26. > Hi, Problem solved. F26 ran fail2ban version 0.9 (I think), and F

F27 - fail2ban not adding iptables chains

2017-11-30 Thread John Horne
Hello, I recently upgraded my PC from F26 to F27, and noticed that fail2ban was not adding the configured chains to iptables. This worked fine at F26. There are no error messages in the log files (dmesg, /var/log/messages, /var/log/fail2ban.log). I have tried disabling SELinux, then restarting

Re: How to automate iptables-restore

2016-12-15 Thread jd1008
On 12/15/2016 11:50 AM, Rick Stevens wrote: On 12/15/2016 10:17 AM, jd1008 wrote: Following up on recent posts re: masking and disabling firewalld, I wanted to understand how to automate /usr/sbin/iptables-restore < /etc/sysconfig/my_iptables The standard spot to keep your iptables conf

Re: How to automate iptables-restore

2016-12-15 Thread Rick Stevens
On 12/15/2016 10:17 AM, jd1008 wrote: > Following up on recent posts re: masking and disabling firewalld, > I wanted to understand how to automate > /usr/sbin/iptables-restore < /etc/sysconfig/my_iptables The standard spot to keep your iptables configs before firewalld is in the &qu

How to automate iptables-restore

2016-12-15 Thread jd1008
Following up on recent posts re: masking and disabling firewalld, I wanted to understand how to automate /usr/sbin/iptables-restore < /etc/sysconfig/my_iptables

Re: Problem with firewalld/iptables and ftp access list?

2016-10-03 Thread Ed Greshko
On 10/03/16 19:40, Michael D. Setzer II wrote: > That seems to make it work fine, but not sure what changed from it working > before in earlier versions or kernels and now not working? > Comment 5 seems to have some more info, but don't know if this is a bug, or a > new feature (one must specify

Re: Problem with firewalld/iptables and ftp access list?

2016-10-03 Thread Michael D. Setzer II
On 3 Oct 2016 at 18:39, Ed Greshko wrote: From: Ed Greshko Subject:Re: Problem with firewalld/iptables and ftp access list? To: users@lists.fedoraproject.org Date sent: Mon, 3 Oct 2016 18:39:44 +0800 Send reply to

Re: Problem with firewalld/iptables and ftp access list?

2016-10-03 Thread Ed Greshko
On 10/03/16 15:32, Michael D. Setzer II wrote: > Cleaned up the firewall-config extra port options, and tried it on another > machine as > well. Did note that after a reboot, it shows nf_conntract_ftp as being > loaded, but not > being used by anything. If I stop firewalld and

Re: Problem with firewalld/iptables and ftp access list?

2016-10-03 Thread Michael D. Setzer II
Cleaned up the firewall-config extra port options, and tried it on another machine as well. Did note that after a reboot, it shows nf_conntract_ftp as being loaded, but not being used by anything. If I stop firewalld and start iptables it then shows that it is being used?? firewall-config

Re: Problem with firewalld/iptables and ftp access list?

2016-10-02 Thread Michael D. Setzer II
On 2 Oct 2016 at 14:45, Gordon Messmer wrote: Subject:Re: Problem with firewalld/iptables and ftp access list? To: Community support for Fedora users From: Gordon Messmer Date sent: Sun, 2 Oct 2016 14:45:23 -0700 Send

Re: Problem with firewalld/iptables and ftp access list?

2016-10-02 Thread Gordon Messmer
On 10/02/2016 04:48 AM, Michael D. Setzer II wrote: The modprobe nf_conntrack_ftp doesn't output any message or error? Not sure what it is supposed to output. It shouldn't output anything. In your iptables rules you find these: -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j

Re: Problem with firewalld/iptables and ftp access list?

2016-10-02 Thread Ed Greshko
On 10/02/16 20:04, Ed Greshko wrote: > That's about all I can say this my evening. If I have time tomorrow I'll put > up a > vsftpd on a system and see if I can recreate the issue. I have installed vsftpd on an F24 and F23 system and verified that F24 fails as described by Michael while F23 s

Re: Problem with firewalld/iptables and ftp access list?

2016-10-02 Thread Ed Greshko
ive mode, back it seemed to continue?? > > These machines are in the same 192.168.7.x network connected to the same > switch? All are > running Fedora 24, upgraded via dnf from 23 over the summer. With the 23, > never had any > issues. I fired up an F22 system and did an iptable

Re: Problem with firewalld/iptables and ftp access list?

2016-10-02 Thread Michael D. Setzer II
On 2 Oct 2016 at 16:14, Ed Greshko wrote: From: Ed Greshko Subject:Re: Problem with firewalld/iptables and ftp access list? To: Fedora Date sent: Sun, 2 Oct 2016 16:14:48 +0800 Send reply to: Community support for

Re: Problem with firewalld/iptables and ftp access list?

2016-10-02 Thread Ed Greshko
On 10/02/16 15:17, Ed Greshko wrote: > > On 10/02/16 14:51, Gordon Messmer wrote: >> On 10/01/2016 04:37 PM, Michael D. Setzer II wrote: >>> I can connect to ftp server but the listing fails if firewalld and iptables >>> services >>> are running. >>

Re: Problem with firewalld/iptables and ftp access list?

2016-10-02 Thread Ed Greshko
On 10/02/16 14:51, Gordon Messmer wrote: > On 10/01/2016 04:37 PM, Michael D. Setzer II wrote: >> I can connect to ftp server but the listing fails if firewalld and iptables >> services >> are running. > > > Does the problem go away if you "modprobe nf_c

Re: Problem with firewalld/iptables and ftp access list?

2016-10-01 Thread Gordon Messmer
On 10/01/2016 04:37 PM, Michael D. Setzer II wrote: I can connect to ftp server but the listing fails if firewalld and iptables services are running. Does the problem go away if you "modprobe nf_conntrack_ftp" as root, and leave fi

Re: Problem with firewalld/iptables and ftp access list?

2016-10-01 Thread Ed Greshko
On 10/02/16 07:37, Michael D. Setzer II wrote: > I can connect to ftp server but the listing fails if firewalld and iptables > services > are running. Turning them off would make it work just fine? > > Was able to save the iptables config file and after going thru it found the

Re: Problem with firewalld/iptables and ftp access list?

2016-10-01 Thread Michael D. Setzer II
On 1 Oct 2016 at 17:34, Samuel Sieb wrote: Subject:Re: Problem with firewalld/iptables and ftp access list? To: Community support for Fedora users From: Samuel Sieb Date sent: Sat, 1 Oct 2016 17:34:13 -0700 Send reply to

Re: Problem with firewalld/iptables and ftp access list?

2016-10-01 Thread Samuel Sieb
On 10/01/2016 04:37 PM, Michael D. Setzer II wrote: I can connect to ftp server but the listing fails if firewalld and iptables services are running. Turning them off would make it work just fine? Both firewalld and iptables? That doesn't sound right. Was able to save the iptables c

Problem with firewalld/iptables and ftp access list?

2016-10-01 Thread Michael D. Setzer II
I can connect to ftp server but the listing fails if firewalld and iptables services are running. Turning them off would make it work just fine? Was able to save the iptables config file and after going thru it found the line that is causing the issue on line 138? -A INPUT -j REJECT --reject

Re: iptables

2016-03-31 Thread Digimer
On 31/03/16 08:26 PM, jd1008 wrote: > Has fedora dropped support for iptables in favor of firewalld? firewalld configures iptables. -- Digimer Papers and Projects: https://alteeve.ca/w/ What if the cure for cancer is trapped in the mind of a person without access to education? -- users mail

iptables

2016-03-31 Thread jd1008
Has fedora dropped support for iptables in favor of firewalld?

Re: iptables address range -

2016-02-16 Thread Bob Goodwin
On 02/16/16 13:17, Gordon Messmer wrote: On 02/16/2016 09:00 AM, Bob Goodwin wrote: But get "parse errors" when restarting iptables with everything I've tried. Obviously I'm in over my head here, just trying to follow examples. You're probably better off askin

Re: iptables address range -

2016-02-16 Thread Gordon Messmer
On 02/16/2016 09:00 AM, Bob Goodwin wrote: But get "parse errors" when restarting iptables with everything I've tried. Obviously I'm in over my head here, just trying to follow examples. You're probably better off asking these questions on the openwrt forums.

Re: iptables address range -

2016-02-16 Thread Rick Stevens
nge 192.168.1.4-192.168.1.50 option dest wan option proto icmp option target DROP But get "parse errors" when restarting iptables with everything I've tried. Obviously I'm in over my head here, just trying to follow examples. Any help is apprecia

iptables address range -

2016-02-16 Thread Bob Goodwin
on dest wan option proto icmp option target DROP But get "parse errors" when restarting iptables with everything I've tried. Obviously I'm in over my head here, just trying to follow examples. Any help is appreciated, Bob -- Bob Goodwin - Zuni, Virgin

Re: iptables -

2016-02-09 Thread Bob Goodwin
lan-device, (connected to 192.168.1.255/24) 3) Assuming eth1 is connected to your internet modem 4) before (!) allowing other traffic outside insert iptables -t filter -A FORWARD -i eth0 -o eth1 --source 192.168.1.17 -j DROP iptables -t filter -A FORWARD -I eth1 -o eth1 --destination 192.168.1.17 -j

RE: iptables -

2016-02-09 Thread J.Witvliet
ming eth1 is connected to your internet modem 4) before (!) allowing other traffic outside insert iptables -t filter -A FORWARD -i eth0 -o eth1 --source 192.168.1.17 -j DROP iptables -t filter -A FORWARD -I eth1 -o eth1 --destination 192.168.1.17 -j DROP 5) next allow other traffic to go outside

Re: iptables -

2016-02-08 Thread Bob Goodwin
On 02/08/16 17:24, Mike Wright wrote: On 02/08/2016 02:10 PM, Bob Goodwin wrote: Can someone give me an example [for my router] of the iptables code needed to prevent 192.168.1.17 from connecting to the internet while keeping normal LAN access? Hi Bob, Decided lack of info to go on but

Re: iptables -

2016-02-08 Thread Bob Goodwin
On 02/08/16 17:21, Richard Shaw wrote: On Mon, Feb 8, 2016 at 4:10 PM, Bob Goodwin <mailto:bobgood...@wildblue.net>> wrote: Can someone give me an example [for my router] of the iptables code needed to prevent 192.168.1.17 from connecting to the internet whil

Re: iptables -

2016-02-08 Thread Mike Wright
On 02/08/2016 02:10 PM, Bob Goodwin wrote: Can someone give me an example [for my router] of the iptables code needed to prevent 192.168.1.17 from connecting to the internet while keeping normal LAN access? Hi Bob, Decided lack of info to go on but this will accomplish that. If you just

Re: iptables -

2016-02-08 Thread Richard Shaw
Of course, after I replied it made me think of some additional words to search for and I found this, HTH: http://www.tuxradar.com/answers/131 Thanks, Richard

Re: iptables -

2016-02-08 Thread Richard Shaw
On Mon, Feb 8, 2016 at 4:10 PM, Bob Goodwin wrote: > > Can someone give me an example [for my router] of the iptables code needed > to prevent 192.168.1.17 from connecting to the internet while keeping > normal LAN access? This is a complete SWAG but I think you would have to a

iptables -

2016-02-08 Thread Bob Goodwin
Can someone give me an example [for my router] of the iptables code needed to prevent 192.168.1.17 from connecting to the internet while keeping normal LAN access? Bob -- Bob Goodwin - Zuni, Virginia, USA http://www.qrz.com/db/W2BOD box10 FEDORA-23/64bit LINUX XFCE POP3

Re: Failed to start IPv4 firewall with iptables

2016-02-04 Thread stan
On Thu, 4 Feb 2016 15:24:46 -0500 GUNA wrote: > Hello, > > I have updated Fedora core 16 Kernel from 3.4.2 to 4.4.0. Once the > system is rebooted with new kernel 4.4.0, the iptables loaded but not > started. That version of Fedora is over 3 years obsolete. In those days, the f

Failed to start IPv4 firewall with iptables

2016-02-04 Thread GUNA
Hello, I have updated Fedora core 16 Kernel from 3.4.2 to 4.4.0. Once the system is rebooted with new kernel 4.4.0, the iptables loaded but not started. // logs Failed to start IPv4 firewall with iptables [FAILED] See 'systemctl status iptables.service' for details. Started IPv6 fir

Re: iptables and ruleset

2015-07-21 Thread Gordon Messmer
On 07/20/2015 11:57 AM, jd1008 wrote: Is firewalld similar to fbsd's firewall app as far as rulesets are concerned? I don't know enough about fbsd to answer that.

Re: iptables and ruleset

2015-07-20 Thread jd1008
On 07/20/2015 12:37 PM, Gordon Messmer wrote: On 07/20/2015 10:55 AM, jd1008 wrote: These are NOT what I have in /etc/sysconfig/iptables at all!!! Is there more than one service setting firewall rules on your system? Because iptables.service is deprecated, you probably also need to

Re: iptables and ruleset

2015-07-20 Thread Gordon Messmer
On 07/20/2015 10:55 AM, jd1008 wrote: These are NOT what I have in /etc/sysconfig/iptables at all!!! Is there more than one service setting firewall rules on your system? Because iptables.service is deprecated, you probably also need to disable firewalld.

Re: iptables and ruleset

2015-07-20 Thread jd1008
On 07/20/2015 11:47 AM, Gordon Messmer wrote: On 07/20/2015 09:59 AM, jd1008 wrote: So, where should I place the ruleset file /etc/sysconfig/iptables so that when iptables.service is started, the ruleset I want is what is used? That's the place for it. Run "/usr/libexe

Re: iptables and ruleset

2015-07-20 Thread Gordon Messmer
On 07/20/2015 09:59 AM, jd1008 wrote: So, where should I place the ruleset file /etc/sysconfig/iptables so that when iptables.service is started, the ruleset I want is what is used? That's the place for it. Run "/usr/libexec/iptables/iptables.init start" in a terminal and

iptables and ruleset

2015-07-20 Thread jd1008
Running: systemctl enable iptables.service systemctl start iptables.service sets totally permissive rules, and does not incorporate any of the rules in the file /etc/sysconfig/iptables So, I have to manually run iptables-restore < /etc/sysconfig/iptables So, where should I place the rule

Re: iptables with logging vs denyhosts

2015-07-07 Thread dwoody5654
On 07/07/2015 05:07 AM, sb...@mississippi.com wrote: Have you looked at fail2ban? It watches /var/log/secure for break in attempts/failed logins and dynamically adds iptables rules to block the bad guys. It will do (automatically) pretty much what you're doing manually. Thanks for
