All Questions
82 questions
2
votes
0
answers
29
views
How to Configure Debian Server with ISP-Delegated Static IPs?
I'm setting up a Debian server to act as both a router and a server, but I've encountered issues with my ISP's unique static IP assignment method. Here's the situation:
I have been assigned two static ...
- 173
0
votes
1
answer
189
views
OpenConnect VPN Server and DNSMasq DNS Server on Same Machine
I am running an OpenConnect VPN server on a Debian 11 machine. The VPN server works perfectly when configured to use Google public DNS, but I want to run my own DNS server on the same machine and use ...
1
vote
1
answer
162
views
Unable to forward and receive internet traffic through Raspberry Pi 4 Wifi AP
There are many tutorials out there showing how to set up a Wifi AP using Raspberry Pi 4, all with different configurations. I am trying doing it with my specific setup as following:
RPi4 acting as ...
- 133
0
votes
1
answer
550
views
Unable to open port on debian vps
Trying to open 51820 UDP
I do
iptables -A INPUT -p udp --dport 51820 -j ACCEPT
then iptables -L
I can see
ACCEPT udp -- anywhere anywhere udp dpt:51820
then I do
/sbin/...
- 47
1
vote
0
answers
130
views
How can I use iptables to forward all traffic through an interface based in gid?
I'm on Debian 12 bookworm
I'm trying to forward all traffic from (and to) users in the group watchers through interface tun9 and prevent them from using enp2s0.
I've set up a tunnel using openvpn with ...
- 201
1
vote
0
answers
65
views
How to prevent to lockout from vpn server?
I have a wireguard server on VPS, I am able to connect through ssh. It has to put on port forward ssh command to wireguard client.
iptables -t nat -A PREROUTING -p tcp --dport 22 -j DNAT --to-...
- 11
1
vote
2
answers
574
views
WireGuard Throughput Issues
I'm having quite an odd issue with WireGuard performance between a VyOS router [LTS 1.3.3] and a Cloud VPS [Debian 12] acting as a CHR.
I have a publicly facing /29 routed to the CHR via GRE, at an ...
- 11
0
votes
0
answers
74
views
ping to 8.8.8.8 took long time or even want to show result
Im using ip tables to simulate between host and and client. I can ping between host and client or client between client but the client cannot ping to the 8.8.8.8 or even using internet, but the host ...
0
votes
1
answer
381
views
tcpdump shows traffic even for down interface
Using Debian Buster and having configured VLAN interface online, I wonder that tcpdump shows any traffic send to the external IP address?
Having a server on Hetzner and want to configure VLAN traffic ...
- 263
1
vote
0
answers
5k
views
How to stop the sending of ICMP timestamps replies and requests?
Woo, progress! Updated below! I've been all over the internet looking for an answer to this one. I am using a Raspberry Pi running Raspbian Debian 11. The problem seems rather simple, just blocking ...
- 11
0
votes
1
answer
1k
views
Correct flag to use instead of --icmp-type?
I am trying to set up iptables v1.8.7 on a Debian 11 Raspberry Pi to block ICMP timestamp requests and replies. The tutorial I am following and all the other forums I have looked at say to use the ...
- 11
0
votes
0
answers
28
views
Cant ping neither the gateway nor the internet if not already pinged with the gateway
Im quite new to networking, i tried to look for the response to my problem but i didnt find it.
I have 4 vm's, that we will call 1,2,3,4. The first ( the gateway) one have a host-only and bridge ...
- 1
0
votes
1
answer
759
views
IPtables does'nt apply this rule
I got many rules like this :
#!/bin/sh
modprobe ip_conntrack
# Initialiser les tables
iptables -t filter -F
#Vider les règles custom
iptables -t filter -X
#Interdire toutes les connexions entrante ...
- 101
0
votes
1
answer
2k
views
How to configure Debian 11 Desktop PC (computer with GUI) as a router (internet sharing)
I have two desktop machines, Windows 10 and Debian 11. These machines both have single 1G ethernet ports on the motherboards as well as an ASUS 10G PCI-e add in card.
I don't own a 10G switch to ...
- 3,214
1
vote
1
answer
2k
views
iptables to nftables for iKEv2 IPSEC VPN server
Can someone please help in converting the below iptable rules to equivalent nftables rules?
I have already tried to use iptables-translate, but it is not translating all of my rules...
# accept ports ...
- 111
2
votes
0
answers
365
views
Can't access Apache2 on a VPS via public IP of the server from an external computer
root@Client13:/etc/apache2# netstat -anltp | grep "LISTEN "
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 104129/apache2
tcp 0 0 0.0.0.0:22 ...
- 33
0
votes
0
answers
668
views
NAT with iptables does not work from within a VM
I use Proxmox on a Debian 11 host with two public IP addresses.
One ip gets bridged to a virtual machine (VM1) via vmbr0.
For another machine (VM2, IP 192.168.10.2) I want to use NAT to get internet ...
- 1
0
votes
1
answer
257
views
Iptables blocking apt-get on debian server
I'm configuring iptables on a new web dedicated server.
The rules are really simple :
Chain INPUT (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere ...
- 1
1
vote
1
answer
706
views
Iptables-restore does not work with SNAT
I am using Raspbian on a Raspbery Pi (based on Debian 10) and I'm trying to use the following line in my iptables rule set:
-A POSTROUTING -s 2.3.4.5/26 -o eth0 -j SNAT --to-source 1.2.3.4
However ...
- 11
0
votes
1
answer
612
views
IPTables rules for LAN traffic
As a learning experience I'm building a secure web/Email server on a Raspberry Pi V4. I have it basically running but in looking at the sys/log file I see many records like the following:
Jul 31 14:...
- 43
1
vote
1
answer
1k
views
Failed login attempts, constant brute force
I'm running a VPS with an iptables firewall (configured via ufw). I have shut down all traffic with:
sudo ufw default deny incoming
sudo ufw default allow outgoing
After that I have opened certain ...
- 113
2
votes
1
answer
940
views
IPTables and SSH login problems when rules are set via a shell script
When I put these IPTables rules, I cannot access to the server via SSH. IPTables rules are not persistent, so I restart the server to have access again.
I get this error with these rules when I try to ...
user1251775
1
vote
1
answer
914
views
ipconfig -- port forwarding does not work with Wireguard
I have a working WireGuard configuration, and am trying to set up port forwarding to route traffic from the server to the client. I'm trying to do some testing with port 80 -- I have an nginx server ...
- 392
1
vote
1
answer
3k
views
Why iptables drop all packets?
I set this role for drop invalid packets:
iptables -t mangle -A PREROUTING -m conntrack --ctstate INVALID -j DROP
but it drop all packets.
this is all my iptables rules:
- 113
0
votes
1
answer
414
views
Is it possible to route incoming traffic permanently in linux?
I was trying to route my incoming connections to a teamspeak server on another machine
using below iptables commands
iptables -t nat -A PREROUTING -p udp -s 0/0 -d LOCALIP --dport 9987 -j DNAT --to ...
2
votes
1
answer
10k
views
RULE_APPEND failed (iptables)
I'm working on an assignment in which I have to create some custom firewall rules on a Debian router. I'm using iptables to create the rules. Here's the thing, whenever I try to add this rule: ...
- 23
0
votes
1
answer
554
views
How to set iptables rule - access to only one ip/domain
I need help with create iptabes rule, that user's ip (specified in local eth) can connect only with definied ethernet ip address/domain and all other traffic should be dropped.
Should works only one ...
2
votes
1
answer
3k
views
Debian 10 stopped on reboot after "Reached target system time synchronized"
I have a Debian 10 virtual server and I have removed ufw and iptables and rebooted the machine. Upon start, the system pauses at the Reached target system time synchronized line.
After few minutes ...
- 205
0
votes
1
answer
162
views
Gitlab connecting via HTTPS to IPs
this is kind of a weird question, but no search can help me figure it out so here it goes:
I have an on premise Gitlab CE setup, version 12.5.0.
I have a basic setup, no internet related outgoing or ...
- 303
0
votes
1
answer
313
views
Debian iptables Misconfiguration when Connected to VPN
TL;DR
Debian router works fine until I connect VPN, then some misconfiguration in iptables (or route tables) makes it so the router itself cannot ping IPs/Domains through tun0, therefore DNS servers. ...
- 286
1
vote
1
answer
514
views
iptables-restore failing: "The -t option ... cannot be used"
I have a very simple set of iptables rules:
*filter
-A INPUT -i lo -j ACCEPT
-A INPUT -d 127.0.0.0/8 -j REJECT
-A INPUT -mstate --state ESTABLISHED,RELATED -j ACCEPT
-A OUTPUT -j ACCEPT
-A INPUT -...
- 223
0
votes
1
answer
239
views
Node-RED on Debian 9 server cannot connect to MQTT brokers
My Node-RED flow:
[{"id":"6c5780e.7e86f","type":"mqtt in","z":"fa8ef0ce.69a348","name":"","topic":"bs/esp8266/ldr","qos":"2","datatype":"auto","broker":"11952de3.32d7b2","x":320,"y":420,"wires":[["...
- 103
1
vote
0
answers
84
views
Installing ufw on Debian Stretch
I am thinking of installing ufw on my Raspberry Pi that is running Debian Stretch because I am no expert in firewalls and I think it would make my life easier. My understanding is that ufw is just a ...
- 11
0
votes
1
answer
431
views
How do I reroute traffic from port 80 on tun0 to port 80 on eth0?
I have a webserver running on the same server that I use a VPN on. I'd like to be able to access the webserver when the VPN is both on or off. On FreeBSD this was pretty simple, in my opinion PF is ...
- 1
2
votes
1
answer
266
views
Can iptables change its rules based on the network you're currently in?
Does iptables have a way to automatically adapt some of its rules or just straight out switch which rule sets it's using based on what your current network is?
I have a lot of uses for something like ...
- 228
2
votes
1
answer
169
views
iptables: trying to understand rule giving access to synaptic
(This is for a system based on antiX, itself based on Debian stretch.)
I have the following rules for iptables:
iptables -F
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
...
- 65
1
vote
0
answers
203
views
how to route network traffic from wireless interface to a second wireless interface and a 3G/4G usb dongle on the same computer
I have a computer running a debian based distribution with three network interfaces: two wireless (wlan0 and wlan1) and the third one is an usb dongle for 3G/4G network access. I want to archive the ...
0
votes
1
answer
225
views
debian8 iptables stop command wont work
hello people first post on superuser so im sorry if its pretty bad
anyway im working with a debian8 vps and im trying to stop iptables using command
service iptables stop
but it comes up with a ...
- 1
0
votes
1
answer
8k
views
sysctl: cannot stat /proc/sys/net/ipv4/icmp_echo_ignore_broadcast: No existe el fichero o el directorio
I have a Debian 9 Stretch and I'm configuring as webserver. For this I'm applying rules in iptables and another parameters in /etc/sysctl.conf
I would like to apply this rule in FW:(it's inside the ...
- 1
1
vote
0
answers
104
views
Transmission daemon not working after trying to set up firewall to force it to use vpn
I tried to force transmission to use a my vpn by following these instrunctions. Now it doesn't work at all.
I flushed the iptables rules and rebooted but it still doesn't work.
Here are my current ...
- 121
0
votes
1
answer
3k
views
iptables prerouting don't work
I used this command block for routing 80 to 8080, but it's not working now
sudo sysctl -w net.ipv4.ip_forward=1
sudo iptables -t nat -A PREROUTING -i wlp8s0 -p tcp --dport 80 -j REDIRECT --to-port ...
- 1
0
votes
1
answer
635
views
Debian 8 iptables blocked all connections
I've got a really big problem with my root server running Debian 8 (64-Bit). I installed some iptables rules to block specific IP ranges belonging to China and some blacklisted ranges. It seems ...
- 1
1
vote
2
answers
4k
views
route all traffic through another server without using VPN server?
Let's say I have 2 servers
Server A and Server B
I want all traffic from server B to pass through Server A (like a proxy for the whole system), I understand one way to do this is by using a VPN ...
- 507
0
votes
1
answer
896
views
How to create a virtualbox vm internet sandbox (linux guest) on a debian stretch host
I want to ensure that the host cannot access the internet. While internet traffic is free to travel to and from the vm guest, and more importantly I want to make sure the internet traffic cannot reach ...
- 163
0
votes
1
answer
557
views
Exclude local client from VPN Tunnel on Debian
So I recently set up a Debian server on my network in order to route all my internet traffic through OpenVPN. I used this guide to set up the iptables (I did not set up the kill switch though.)
Now, ...
- 121
0
votes
1
answer
45
views
Port working without being put in IPTables
I recently installed a web service on my linux box (Sinusbot) and the web interface appears to be working without forwarding 8087 through IPTables, is this normal behaviour?
I feel like this means ...
- 1
0
votes
0
answers
69
views
Debian Network Configuration
I have a Debian VPS on which I am trying to open some ports like 80, 443, etc. and here's what I've done:
Creating a test iptables file:
editor /etc/iptables.test.rules
which has some basic rules:
...
- 19
0
votes
1
answer
1k
views
Iptables doesn't work
Hello in virtualbox I installed Debian 8 and my web application which is running on port 8000.
Virtualbox network I have in network settings bridged adapter and I can connect there via ssh from my ...
- 23
0
votes
0
answers
3k
views
UFW Blocking FTP Access
I have installed UFW on debian and now my FTP server is not working whenever I connect to it using a client, it allows me to log in and lists my home directory, but whenever I try to navigate ...
- 193
0
votes
2
answers
2k
views
Deluge refuses every non-localhost connection despite remote connections being enabled
I installed Deluge today on my Debian 8.0 VPS. Everything is working, except for remote connections. I explicitly enabled remote connections with config -s allow_remote true and after checking the ...
- 163