Frequently Asked Questions About Linux / UNIX

Frequently Asked Questions About Linux / UNIX » Iptables http://www.cyberciti.biz/faq Every answer asks a more beautiful question. Fri, 03 Feb 2012 22:38:32 +0000 en hourly 1 http://wordpress.org/?v=3.3.1 Linux: Iptables Find / Check Banned IP Addresshttp://www.cyberciti.biz/faq/linux-howto-check-ip-blocked-against-iptables/ http://www.cyberciti.biz/faq/linux-howto-check-ip-blocked-against-iptables/#comments Tue, 15 Feb 2011 12:19:32 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=10021

How do I find or check IP's that are currently banned using iptables command in Linux? How do I verify that IP address 1.2.3.4 is banned or not in Linux?]]> http://www.cyberciti.biz/faq/linux-howto-check-ip-blocked-against-iptables/feed/ 0 Linux: Block Port With IPtableshttp://www.cyberciti.biz/faq/iptables-block-port/ http://www.cyberciti.biz/faq/iptables-block-port/#comments Fri, 10 Dec 2010 21:18:02 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=9619

How do I block port number with iptables under Linux operating systems?]]> http://www.cyberciti.biz/faq/iptables-block-port/feed/ 5 Iptables Drop IP Addresshttp://www.cyberciti.biz/faq/linux-iptables-drop/ http://www.cyberciti.biz/faq/linux-iptables-drop/#comments Sat, 20 Nov 2010 19:20:00 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=9411 http://www.cyberciti.biz/faq/linux-iptables-drop/feed/ 0 Linux Network IP Accountinghttp://www.cyberciti.biz/faq/linux-configuring-ip-traffic-accounting/ http://www.cyberciti.biz/faq/linux-configuring-ip-traffic-accounting/#comments Tue, 09 Nov 2010 20:22:35 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=9209

I need to know how much data are transmitted on my ppp0 network or eth0 Internet links? How do I set IP accounting by address such as 123.1.2.3 and 123.1.2.4? How do I set IP accounting per Apache virtual domain? How do I set accounting by service port (http, smtp) and protocol (tcp, udp, icmp)? How do I record how much traffic each of the clients computer is using?]]> http://www.cyberciti.biz/faq/linux-configuring-ip-traffic-accounting/feed/ 6 iptables: Read a List of IP Address From File And Blockhttp://www.cyberciti.biz/faq/iptables-read-and-block-ips-subnets-from-text-file/ http://www.cyberciti.biz/faq/iptables-read-and-block-ips-subnets-from-text-file/#comments Tue, 26 Oct 2010 17:22:10 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=9094

How do I read a list of ip address (subnets) using a text file and block all of them using Linux iptables command? ]]> http://www.cyberciti.biz/faq/iptables-read-and-block-ips-subnets-from-text-file/feed/ 2 Iptables Limits Connections Per IPhttp://www.cyberciti.biz/faq/iptables-connection-limits-howto/ http://www.cyberciti.biz/faq/iptables-connection-limits-howto/#comments Sun, 07 Feb 2010 18:31:46 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=6434

How do I restrict the number of connections used by a single IP address to my server for port 80 and 25 using iptables? ]]> http://www.cyberciti.biz/faq/iptables-connection-limits-howto/feed/ 20 Linux iptables: Port Redirection Examplehttp://www.cyberciti.biz/faq/linux-port-redirection-with-iptables/ http://www.cyberciti.biz/faq/linux-port-redirection-with-iptables/#comments Mon, 01 Feb 2010 16:30:03 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=6366

How do I redirect 80 port to 8123 using iptables?]]> http://www.cyberciti.biz/faq/linux-port-redirection-with-iptables/feed/ 10 Iptables: Invert IP, Protocol, Or Interface Test With !http://www.cyberciti.biz/faq/iptables-invert-ip-or-protocol-with/ http://www.cyberciti.biz/faq/iptables-invert-ip-or-protocol-with/#comments Fri, 29 Jan 2010 08:05:20 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=6339

How do I invert a protocol or ip address test while writing iptables based shell scripts?]]> http://www.cyberciti.biz/faq/iptables-invert-ip-or-protocol-with/feed/ 3 Linux Iptables: Add / Delete An IP Address Remotely Using A Shell Scripthttp://www.cyberciti.biz/faq/linux-iptables-add-delete-ip-address/ http://www.cyberciti.biz/faq/linux-iptables-add-delete-ip-address/#comments Thu, 22 Oct 2009 08:37:22 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=5462

I've root ssh access and need to add / delete a few IP address on fly using the IPtables command via local shell script. How do I add or delete an IP address remotely over the SSH session under CentOS / Redhat / RHEL / Debian / Ubuntu Linux?]]> http://www.cyberciti.biz/faq/linux-iptables-add-delete-ip-address/feed/ 3 Samba: Linux Iptables Firewall Configurationhttp://www.cyberciti.biz/faq/configure-iptables-to-allow-deny-access-to-samba/ http://www.cyberciti.biz/faq/configure-iptables-to-allow-deny-access-to-samba/#comments Fri, 16 Oct 2009 08:48:47 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=5360

How do I configure iptables firewall under CentOS / Fedora / RHEL / Redhat Linux to allow access to the Samba server? How do I open TCP ports # 137, 138, 139 and 445 under Linux so that all Microsoft Windows machine can access files and printer on a Linux host?]]> http://www.cyberciti.biz/faq/configure-iptables-to-allow-deny-access-to-samba/feed/ 2 CentOS / RHEL IPv6 ip6tables Firewall Configurationhttp://www.cyberciti.biz/faq/redhat-fedora-ip6tables-firewall-configuration/ http://www.cyberciti.biz/faq/redhat-fedora-ip6tables-firewall-configuration/#comments Mon, 31 Aug 2009 09:20:01 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=5139

I know how to configure iptables (IPv4) host-based firewall using Netfilter. How do I configure ip6tables for basic filtering IPv6 packets?]]> http://www.cyberciti.biz/faq/redhat-fedora-ip6tables-firewall-configuration/feed/ 2 Apache IPv6 Configuration: Dual Stacked IPv4 & IPv6 Virtual Hostshttp://www.cyberciti.biz/faq/ipv6-apache-configuration-tutorial/ http://www.cyberciti.biz/faq/ipv6-apache-configuration-tutorial/#comments Fri, 28 Aug 2009 04:04:45 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=5032

How do I configure Apache IPv6 networking under UNIX / Linux / BSD operating systems? How do I configure httpd IPv6 and IPv4 under RHEL / CentOS / Fedora / Debian / Ubuntu Linux?]]> http://www.cyberciti.biz/faq/ipv6-apache-configuration-tutorial/feed/ 3 DenyHosts: Remove / Delete an IP addresshttp://www.cyberciti.biz/faq/linux-unix-delete-remove-ip-address-that-denyhosts-blocked/ http://www.cyberciti.biz/faq/linux-unix-delete-remove-ip-address-that-denyhosts-blocked/#comments Mon, 17 Aug 2009 20:25:17 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=4844

I've followed your guide and installed denyhosts to protect on my RedHat 5.3 OpenSSH based server. However, I've been accidentally blocked out from my home ADSL IP address. I tried removing my blocked IP from /etc/hosts.deny, but it did blocked it again quickly. It appears that DenyHosts keeps track of the attempts somewhere on disk or memory. How do I remove my own home IP address from DenyHosts?]]> http://www.cyberciti.biz/faq/linux-unix-delete-remove-ip-address-that-denyhosts-blocked/feed/ 9 Linux Iptables Open LDAP Server TCP Ports 389 and 636http://www.cyberciti.biz/faq/configure-linux-iptables-to-allow-access-ldap-server/ http://www.cyberciti.biz/faq/configure-linux-iptables-to-allow-access-ldap-server/#comments Sun, 16 Aug 2009 09:28:43 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=4838

The default Iptables configuration under CentOS / Red Hat / RHEL / Fedora Linux does not allow inbound access to LDAP service. How do I update iptables settings to allow access to the LDAP primary TCP #389 and encrypted-only TCP # 636 ports, while keeping all other ports on the server in their default protected state?]]> http://www.cyberciti.biz/faq/configure-linux-iptables-to-allow-access-ldap-server/feed/ 6 Snmpd Listen to Specific IP Address ( BIND To Selected Interfaces )http://www.cyberciti.biz/faq/linux-unix-bind-snmpd-to-specific-ip-address-interfaces/ http://www.cyberciti.biz/faq/linux-unix-bind-snmpd-to-specific-ip-address-interfaces/#comments Thu, 06 Aug 2009 12:54:09 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=4617

How do I force SNMP (Simple Network Management Protocol) network management software to listen on public interfaces under RHEL / RedHat / Fedora / CentOS Linux server?]]> http://www.cyberciti.biz/faq/linux-unix-bind-snmpd-to-specific-ip-address-interfaces/feed/ 6 Iptables Open VNC Port To Allow Incoming VNC Connectionshttp://www.cyberciti.biz/faq/linux-iptables-open-vncserver-port-6000-5800-5900/ http://www.cyberciti.biz/faq/linux-iptables-open-vncserver-port-6000-5800-5900/#comments Thu, 30 Jul 2009 09:20:14 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=4578

How do I configure Linux system firewall to allow incoming VNC connections?]]> http://www.cyberciti.biz/faq/linux-iptables-open-vncserver-port-6000-5800-5900/feed/ 6 Configure Linux As Bastion Hosthttp://www.cyberciti.biz/faq/linux-bastion-host/ http://www.cyberciti.biz/faq/linux-bastion-host/#comments Fri, 26 Jun 2009 21:13:58 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=4230

What is bastion host? How do I configure bastion host under Linux? How do I create a firewall for a bastion host under any Linux distribution?]]> http://www.cyberciti.biz/faq/linux-bastion-host/feed/ 10 Ubuntu Linux Save / Restore Iptables Ruleshttp://www.cyberciti.biz/faq/how-to-save-restore-iptables-firewall-config-ubuntu/ http://www.cyberciti.biz/faq/how-to-save-restore-iptables-firewall-config-ubuntu/#comments Wed, 24 Jun 2009 09:49:04 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=4197

I want to make changes to an iptables configuration. How to do I Save and Restore an iptables Configuration in Ubuntu Linux server?]]> http://www.cyberciti.biz/faq/how-to-save-restore-iptables-firewall-config-ubuntu/feed/ 8 Ubuntu Linux Add Static IPv6 Address Network Configurationhttp://www.cyberciti.biz/faq/ubuntu-ipv6-networking-configuration/ http://www.cyberciti.biz/faq/ubuntu-ipv6-networking-configuration/#comments Fri, 19 Jun 2009 01:22:51 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=4136

How do I configure static IPv6 networking under Ubuntu Linux server operating systems?]]> http://www.cyberciti.biz/faq/ubuntu-ipv6-networking-configuration/feed/ 5 Tunneling X Connection Through Intermediate Linux / BSD Gatewayhttp://www.cyberciti.biz/faq/proxycommand-ssh-session-internal-host-through-gateway/ http://www.cyberciti.biz/faq/proxycommand-ssh-session-internal-host-through-gateway/#comments Thu, 07 May 2009 22:05:05 +0000 Vivek Gite http://www.cyberciti.biz/faq/?p=3753

I've ssh gateway behind my NAT firewall. So all users must first login to my gateway host from the internet and then login to other machines on the LAN. This works great for cli based apps. However, few users would like to run x apps from internal LAN hosts and tunnel X display through intermediate ssh gateway and display back output on their local system. For example, from localsystem user makes connection as follows:

ssh -X user@gateway.example.com ssh -X user@somelan.example.com

X forwarding fails with an error:

Error: Can't open display:

How do I fix this problem and allow users to use X apps with my intermediate Linux / BSD gateway?]]> http://www.cyberciti.biz/faq/proxycommand-ssh-session-internal-host-through-gateway/feed/ 5