Questions tagged [iptables]
iptables allows the creation of rules that define packet filtering behavior. The most reliable way to provide an iptables ruleset in a question is with the output of (as root): iptables-save -c
2,713 questions
0 votes
1 answer
68 views
route traffic to 127.0.0.1
My scenario: I have two machines: 192.168.1.1 192.168.1.2 Machine 2 has a ssh server and I created a tunnel in machine 1 such as: ssh -CfND 7777 [email protected] -4 I ran above command in machine ...
0 votes
1 answer
30 views
Iptables does not apply drop policy for other ports
I'm running a server where iptables is configured with a default DROP policy and I’ve only explicitly allowed certain ports (e.g., HTTP, HTTPS, SSH on port 22, etc.). Despite never adding a rule for ...
1 vote
0 answers
31 views
Is it possible to route GTP traffic in Linux?
I want to be able to route GTP-U traffic that arrives to my linux through two different interfaces. However, I want to route it using information inside the tunnel: inner ip addresses. My machine is ...
1 vote
0 answers
16 views
What does the phrase "consider native interface" refer to when the nftables wiki says that xt_bpf match is unsupported
In this list of unsupported xtables features, xt_bpf is listed as one of the unsupported features. The comment says to "consider native interface". But what interface is being referred to ...
3 votes
1 answer
108 views
Why can't I connect a network namespace to the Internet?
I've seen other answers on this site and read an article and watched a video on the topic, but I still can't connect my network namespace to the outside world. Setup I created a namespace named "...
1 vote
2 answers
37 views
IPIP tunnel between two docker containers on separate servers
Thank you in advance for your attention to my question and your help. I have a rather specific task. I need to set up an IPIP tunnel between two Docker containers located on different physical servers....
0 votes
1 answer
26 views
Upgraded k8 worker node from ubuntu 20.04 to 22.04. DNS resolution/networking inside pods doesn’t work & pods keep crashing/restarting
I have a k8 cluster based on Ubuntu 20.04 1 master and 3 worker nodes. I drained one of the worker node. Put kubectl,iptables, kubeadm, kubelet & containerd packages on hold. OS upgrade to 22.04, ...
0 votes
1 answer
46 views
How to set `iptables` so NTP works while internet access is blocked
I want to configure iptables such that it blocks everything except Date time synchronization over the internet using NTP and Access from machines in the LAN. I wrote the following script: # Reset ...
1 vote
1 answer
104 views
How do I use iptables to redirect a port when the destination is my own IP address?
I've successfully redirected incoming requests from port 53 to 3053 using iptables PREROUTING table I've successfully redirected local requests from port 53 to 3053 using iptables OUTPUT table as long ...
0 votes
0 answers
59 views
How to use iptables on Ubuntu?
I am looking at the output of sudo iptables -L --line-numbers I got Chain ufw-before-forward (1 references) num target prot opt source destination 1 ACCEPT all -- ...
1 vote
0 answers
35 views
Binding a process to an interface
I have here a process from which I do not want to access the internet, except from my company VPN. My company VPN is using a tun device. If the VPN is not active or does not work, the expected ...
0 votes
1 answer
43 views
iptables: blocking all traffic to 80 and 443 ports, but still getting traffic
I'm trying to learn how to work with iptables. I tried to stop all traffic by http and https. My INPUT and OUTPUT chains were empty. I initially did the following: sudo iptables -A OUTPUT -p tcp --...
1 vote
0 answers
270 views
nft rules added to table inet filter do not work
I am running a Ubuntu Server and I am trying to allow some traffic to pass from one interface to another. The server is configured to route traffic, this is the topology: 172.16.0.0/12 --- ...
0 votes
0 answers
92 views
What are the correct iptables rules for an ipsec site to site?
I am trying to configure an IPSEC site to site using strongswan on Debian 12. The VPN is UP, as shown below Status of IKE charon daemon (strongSwan 5.9.8, Linux 6.1.0-30-cloud-amd64, x86_64): ...
2 votes
1 answer
44 views
iptables-save appears to have inconsistent behaviour
I've been using the iptables-save command recently (combined with iptables-restore) and noticed some inconsistent behaviour that I don't understand. I'm sure it's not a bug as it's far too popular a ...