Linux

Replace firewalld with iptables in CentOS 7

This is a short HOWTO replace or disable firewalld with iptables in CentOS 7. Install iptables service # yum -y install iptables-services If you would like to save the firewall rules you need to run the following command # iptables-save > iptables-rules.txt These rules can be added to /etc/sysconfig/iptables but I usually use the rules […]

Read More
Network

iptables connection tracking table full

I’ve recently experienced that my workstation (Ubuntu Jaunty Jackalope, 9.04, x86_64) “hangs” periodically when my internet browser, Mozilla Firefox, has a lot of active tabs. In my case I had > 100 active tabs in more than 20 windows. I know I should have closed some of them but that is not an option right […]

Read More
Security

ufw and IP masquerading

I’ve just upgraded my home server from Ubuntu 8.10 to 9.04 and experienced that my ufw firewall (iptables) would not route traffic from my local network to the Internet. My IP masquerading was not working anymore and since I had not documented the process when I set it up I had to search the Ubuntu […]

Read More
Linux

Some iptables tricks

Multiport The Multiport extension allows you to specify multiple ports and ranges and makes it possible to create complex rules in one line. Here’s an example of how you can allow SSH, Web, IMAP and X terminal traffic iptables -A INPUT -p tcp -m multiport –dports 22,80,143,6000:6003 -j ACCEPT The alternative to using this rule […]

Read More
Network

Using ufw / iptables in Ubuntu 8.04 LTS

ufw (Uncomplicated Firewall) is a new and easy firewall/iptables tool introduced in Ubuntu 8.04 LTS (Hardy Heron). ufw is a front-end for iptables-restore, with its rules saved in /etc/ufw/before.rules, /etc/ufw/after.rules and /var/lib/ufw/user.rules. Administrators can customize before.rules and after.rules as desired using the standard iptables-restore syntax. Rules are evaluated as follows: before.rules first, user.rules next, and […]

Read More