iptables Rules

Block IP traffic from a specific IP or network.

Block from an IP

iptables -A INPUT -s 11.22.33.44 -j DROP

If you want to block only on a specific NIC

iptables -A INPUT -s 11.22.33.44 -i eth0 -j DROP

Or a specific port

iptables -A INPUT -s 11.22.33.44 -p tcp --dport 22 -j DROP

Using […]

Websites that generate IPTABLES firewall scripts online

These website wizards can automatically generate an IPTABLES firewall script!

1. Bifrost - GUI firewall management interface to iptables: http://bifrost.heimdalls.com/

2. LinWiz - Linux configuration file and scripting wizards: http://www.lowth.com/LinWiz/

3. GIPTables Firewall - IPTABLES rules generator: http://www.giptables.org

4. Easy Firewall Generator for IPTables: http://morizot.net/firewall/gen […]

IPTables “Stealth” Scan Detection

Many of you probably know about port scanning. It’s a very simple process, where essentially you attempt to make a connection on several ports of several machines. If the port is closed, a reset is returned. If the port is open, a SYN+ACK is returned.

Now, there are some other types of scans, such […]

Bridging, Transparent Firewalls and Intrusion Prevention

Contents

What is Bridging?
Installing a Bridge
Configuring a Bridge
What is a Bridging Firewall?
Installing a Bridging Ebtables Firewall
Configuring a Bridging Ebtables Firewall
Installing a Bridging Iptables Firewall
Configuring a Bridging Iptables Firewall
What is an Intrusion Prevention System?
Installing an Intrusion Prevention System
Configuring an Intrusion Prevention System

What is Bridging?

[…]

Stealth Firewalling with Linux

What Is Stealth Firewalling with Linux?

Simply put, a stealth firewall is an Ethernet bridge with filtering capabilities. This means that it’s a firewall that operates at Layer 2 of the OSI model, leveraging netfilter rules and chains (Linux’s firewall system) applied to the bridge. For those not familiar with what a bridge is: an Ethernet […]

Iptables rewrite for 8080 and 8443

Another way of achieving the same thing is to add an iptables redirection rule.

We have done it this way, because we didn’t want to add the xinit package to our standard configuration.

These instructions were created on a Debian Lenny system.

Create a new “if-up” script:

sudo vim /etc/network/if-up.d/jira-redirect

Make this its content:

#!/bin/bash
for i […]

IPTABLES TO BLOCK FACEBOOK

-A FORWARD -s 192.168.0.232 -m string --string "facebook.com" --algo kmp --to 65535 -j ACCEPT
-A FORWARD -m string --string "youtube.com" --algo kmp --to 65535 -j DROP
-A FORWARD -m string --string "facebook.com" --algo kmp --to 65535 -j DROP
-A FORWARD -m string --string "meebo.com" --algo kmp --to 65535 -j DROP

Blocking Nmap Scans using IPtables on Linux server

The rules below will block a few of the Nmap scans on your Linux server.

The default config files of iptables for RHEL / CentOS / Fedora Linux are located here:

/etc/sysconfig/iptables

iptables -A INPUT -p tcp --tcp-flags ALL FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -A INPUT […]

CentOS / Redhat Iptables

How do I configure a host-based firewall called Netfilter (iptables) under CentOS / RHEL / Fedora / Redhat Enterprise Linux? Netfilter is a host-based firewall for Linux operating systems. It is included as part of the Linux distribution and it is activated by default. This firewall is controlled by the program called iptables. Netfilter filtering […]

Shorewall Firewall

Installing and configuring Shorewall in CentOS

Netfilter is the packet filtering framework in Linux 2.4.x and 2.6.x kernels. It enables packet filtering (by network address and port), NAT and other packet mangling. It is a redesigned and highly improved successor to the previous kernel 2.2.x ipchains and kernel 2.0.x ipfwadm.

Netfilter is a set of structures within the kernel that allows modules to […]