Questions tagged [iptables]
iptables is the userspace command line program used to configure the Linux 2.4.x and 2.6.x IPv4 packet filtering ruleset. It is targeted towards system administrators. Please, when asking a question about iptables, add the output from the following command:
iptables -L -v -n
Iptables has been superseded by netfilter https://netfilter.org/ but has backwards-compatible commands.
6,756 questions
Score of -1
0 answers
33 views
Wireguard split tunneling / One sided tunnel usage only
My goal is to have a wg tunnel established between a "client" and "server", but not send any of the client's traffic through the wg tunnel. I only want the server traffic to go ...
Score of 0
1 answer
71 views
AWS Linux iptables redirecting port 22 timeout
I am trying to run cowrie honeypot on EC2 AWS Linux instance.
Instance is accessible through ssh which is by default on port 22.
As instructed in https://github.com/cowrie/cowrie/blob/main/INSTALL.rst,...
Score of 0
2 answers
141 views
How to mitigate DDoS (syn flood) attack?
I got about 30K-50K pps syn flood with bandwidth of ~ 10-20 Mbps from a total of 200M network link.
Due to it, I have above 90% packet loss to my VPS.
I had nf_conntrack table full error, that was ...
Score of 0
1 answer
217 views
Forwarding OpenVPN server traffic with firewalld
Recently I switched from ufw to firewalld and faced an issue that connected OpenVPN server clients do not have internet access. As I researched it became clear that ufw and firewalld forwarding rules ...
Score of 2
1 answer
209 views
Iptables on ubuntu 24.04 completely ignores NAT table (even for logging)
Faced a problem while trying to set up port forwarding on Ubuntu 24.04 - turns out, any NAT rules in iptables (PREROUTING, in particular) are completely ignored.
What I've tried:
# Generated by ...
Score of 0
0 answers
49 views
Limiting connection to Docker with whitelist on iptables
I'm trying to limit the access of IPs to my Docker service with iptables.
Let's say my public IP is 1.2.3.4
and the range of IPs that I want to allow is 5.6.7.224/28. I don't want any other range ...
Score of 0
0 answers
211 views
Rule state established,related not working in iptables (ubuntu 24.04)
I have a clean installation of Ubuntu 24.04, but I am having problems setting up iptables. For the initial configuration, my goal is simply to allow all outgoing traffic and incoming SSH traffic. This ...
Score of 0
2 answers
299 views
iptables refuse to block banned traffic (fail2ban)
I am having issues getting iptables to block traffic fail2ban successfully. f2b puts the correct IP address in the correct f2b CHAIN, but those "blocked" IP addresses are not being REJECTed, ...
Score of 0
1 answer
148 views
File uploads fail when outbound Internet is restricted to specific IP addresses [closed]
I have a CentOS 7 server where outbound Internet is restricted using iptables to specific external IP addresses.
For example using Perplexity’s IP addresses:
sudo iptables -A OUTPUT -d 104.18.26.48 -j ...
Score of 0
0 answers
68 views
Replies from Docker container application never reach back WireGuard tunnel
I'm currently trying to route traffic through my VPS to my server, because my server doesn't have public IP. I'm using WireGuard to create tunnel between the server and VPS and iptables to route the ...
Score of 0
0 answers
77 views
iptables/WireGuard client communication through gateways with masquerading
Let's say I have two networks: NetworkA and NetworkB, each of which needs to access services offered through the gateway without knowing what the final endpoint is.
NetworkA 10.0.0.0/24
clientA 10.0.0.1
...
Score of 0
0 answers
167 views
VPN clients unable to access some network resources
I have a local network behind an Ubuntu server doing NAT, iptables, OpenVPN, and VirtualBox, all IPv4.
I need VPN clients to access machines in local network.
Local net is 192.168.1.0/24 and VPN net ...
Score of 1
0 answers
63 views
Using iptables to NAT between local networks [closed]
I have four VLANs at the following interfaces on my Orange Pi 5 running Armbian:
192.168.2.200/24 at eth0 the base network from my provider, gateway at 192.168.2.254
192.168.200.1/24 at wifi for wifi
...
Score of 0
1 answer
203 views
Setting preferred route for host with IP masquerade with two outbound interfaces
I have IP masquerade set up with two outbound interfaces. The main interface is wlan0 and 4G failover is $usb0. The local network is br0.
(The system is Debian 12 but it's not possible to convert my ...
Score of 1
0 answers
145 views
Proxmox Reverse Proxy external IPv6 and port 8080
Having trouble configuring apache2 on a Proxmox server as a reverse proxy to an external IPv6 address with port 8080.
In a small project I want to configure a reverse proxy from my external Proxmox-...