Questions tagged [iptables]

Iptables is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel.

iptables is a user space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall and the chains and rules it stores.

1304 questions
119
votes
2 answers

How to save rules of the iptables?

I create the rules to iptables. But, when I restart the computer, the rules don't work! How to save the rules on Ubuntu? The problem was solved! Do: After writing the iptables commands, do: 1. sudo su 2. iptables-save > /etc/iptables.rules …
Gustavo
27
votes
3 answers

Do I also need to set up other iptables rules for IPv6 if I just used iptables?

Say I have a firewall setup on my Linux server with iptables so that I only accept port 22 and port 80 traffic and I block access to all other ports. Do these rules only work if the client machine is using an IPv4 address? So if an IPv6 address is…
user230779
26
votes
5 answers

iptables resets when server reboots

Every time my server reboots it seems I have to reset my iptables to default. I used to use firestarter but removed it a while ago. Are there any settings that are making iptables change when the server reboots?
Anagio
25
votes
3 answers

Do I need to restore iptables rules every time on boot?

Every time I reboot I lose the iptables rules that took me so looong to enter. I know I can save them and restore them on boot, but is there any way to save them forever? Do I really need to restore them on boot every time? Seriously? The problem is…
capdragon
23
votes
1 answer

iptables, order of rules - do I understand it right?

I would like to configure my VPS in the way that it ONLY accepts connections from outside on port 22 (where sshd listens) and ICMP requests. Everything else from outside should be rejected. Inside the server, everything should be allowed. Do the…
Xpector
21
votes
2 answers

How to start/stop iptables?

While learning some new things about iptables I can't through this. While I am trying to start, it's saying as root@badfox:~# iptables -L -n -v Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source …
Raja G
13
votes
2 answers

Where does netfilter-persistent save the iptables rules?

Been looking where does netfilter-persistent store its rules but could not find any documentation about it on help.ubuntu.com. Does anybody know where does netfilter-persistent in Ubuntu save its rules so it survives a reboot?
chrone
10
votes
2 answers

Create table in iptables

I want to create a custom table using iptables so that I can add my custom chains in it. But I don't see any option to do that. I tried to search for it but didn't find anything. Please help.
Tarun
9
votes
1 answer

Failed to start iptables-persistent.service

Ubuntu 16.04.2 In a book I read that we need iptables-persistent. The book was published in 2016. Ok: sudo apt install -y iptables-persistent Everything installed. No problems so far. If I reboot the computer, iptables is still here. Then in the…
Michael
9
votes
1 answer

How many instructions can be stuffed into iptables without losing system sanity?

Say one wishes to have a list of blocked IP addresses. I have seen the following example script: BLOCKDB="/path/to/ip.blocked.file" # omit comments lines IPS=$(grep -Ev "^#" $BLOCKDB) for i in $IPS do iptables -A INPUT -s $i -j DROP iptables…
6
votes
1 answer

Iptables Restricting Access By Time

How to control internet time access for each IP? How to add time to this rule: iptables -I FORWARD -s 192.168.0.56 -j ACCEPT? I tried this iptables -I FORWARD -s 192.168.0.56 -m time --timestart 13:00 --timestop 14:00 -j ACCEPT and iptables -I…
5
votes
1 answer

iptables nonexistent?

$ iptables sh: 1: iptables: not found $ sudo iptables [sudo] password for [redacted]: sudo: iptables: command not found $ /sbin/iptables sh: 3: /sbin/iptables: not found $ sudo /sbin/iptables sudo: /sbin/iptables: command not found iptables was…
robbie
5
votes
3 answers

Is there a rule for iptables to limit the amount of SYN packets a /24 range of IPs can send?

How can I block entire C class IP blocks when they send too many SYN packets to my Ubuntu 12.04 server? Example of what I see during a SYN flood attack: Each different IP only sends 1 SYN packet, so the firewall doesn't block it. But the range…
5
votes
1 answer

Iptables Not Blocking User

iptables seems to not want to block a user. I'm using a remastered 10.04 live and Firestarter as a firewall. I've made no fundamental changes to the distro, except to update, upgrade and added this iptable line for my admin user dev: sudo iptables…
bambuntu
4
votes
1 answer

Redirect packages directed to port 5000 to another port

I'm trying to use eboard to connect to the FICS servers (http://www.freechess.org), but it fails because port 5000 is blocked (company firewall). However, I can connect to the server through the telnet port (23): telnet freechess.org…
tdc