Questions tagged [iptables]
iptables allows the creation of rules that define packet filtering behavior. The most reliable way to provide an iptables ruleset in a question is with the output of (as root): `iptables-save -c`
2,702 questions
0 votes
0 answers
51 views
Docker iptables behavior
I have two Redhat 8 virtual machines. I'm running Docker on both, in this case as a host for the application called Graphite. The VMs started out identical to each other, and I pulled the same Docker ...
1 vote
2 answers
54 views
Relay IP between hosts
This might be a trivial question: I have two hosts A and B that can access the internet behind NATs. Their NATs do not allow for hole-punching or any other way to connect them directly. Host C is a ...
0 votes
1 answer
55 views
iptables changes not having any effect [closed]
I was attempting to interrupt a TCP connection on my system, and was altering iptables rules using the iptables command. Nothing I did seemed to have any effect, though. Inserting and deleting rules ...
1 vote
2 answers
193 views
Drop all packets sent to localhost and particular port
I want to drop all packets sent to a particular port. I first tried using firewalld/iptables-nft settings but that failed (maybe they're being processed by the kernel only?). I succeeded in blocking ...
2 votes
1 answer
104 views
How to enable internet access for a bridge inside a Linux network namespace?
I've created two Linux network namespaces (ns1 and ns2), and inside each, I have: A bridge (ns1-br0, ns2-br0) A TAP device (tap0, tap1) connected to the respective bridge Each TAP device gets an IP ...
0 votes
1 answer
218 views
Allow specific IP addresses through iptables with Wireguard
I have a number of self hosted services on my home server, running Arch Linux. Context A number of these are held in Docker containers (each with their own Docker compose file), though one (Jellyfin) ...
1 vote
0 answers
67 views
How packet can get lost between filter INPUT and security INPUT chains of iptables?
From this flowchart https://stuffphilwrites.com/wp-content/uploads/2024/05/FW-IDS-iptables-Flowchart-v2024-05-22.png I know that packet goes from the INPUT chain of the filter table right into the ...
0 votes
1 answer
133 views
route traffic to 127.0.0.1
My scenario: I have two machines: 192.168.1.1 192.168.1.2 Machine 2 has a ssh server and I created a tunnel in machine 1 such as: ssh -CfND 7777 [email protected] -4 I ran above command in machine ...
0 votes
1 answer
65 views
Iptables does not apply drop policy for other ports
I'm running a server where iptables is configured with a default DROP policy and I’ve only explicitly allowed certain ports (e.g., HTTP, HTTPS, SSH on port 22, etc.). Despite never adding a rule for ...
1 vote
0 answers
72 views
Is it possible to route GTP traffic in Linux?
I want to be able to route GTP-U traffic that arrives to my linux through two different interfaces. However, I want to route it using information inside the tunnel: inner ip addresses. My machine is ...
1 vote
0 answers
53 views
What does the phrase "consider native interface" refer to when the nftables wiki says that xt_bpf match is unsupported
In this list of unsupported xtables features, xt_bpf is listed as one of the unsupported features. The comment says to "consider native interface". But what interface is being referred to ...
3 votes
1 answer
240 views
Why can't I connect a network namespace to the Internet?
I've seen other answers on this site and read an article and watched a video on the topic, but I still can't connect my network namespace to the outside world. Setup I created a namespace named "...
1 vote
2 answers
148 views
IPIP tunnel between two docker containers on separate servers
Thank you in advance for your attention to my question and your help. I have a rather specific task. I need to set up an IPIP tunnel between two Docker containers located on different physical servers....
0 votes
1 answer
199 views
Upgraded k8 worker node from ubuntu 20.04 to 22.04. DNS resolution/networking inside pods doesn’t work & pods keep crashing/restarting
I have a k8 cluster based on Ubuntu 20.04 1 master and 3 worker nodes. I drained one of the worker nodes. Put kubectl, iptables, kubeadm, kubelet & containerd packages on hold. OS upgrade to 22.04, ...
0 votes
1 answer
191 views
How to set `iptables` so NTP works while internet access is blocked
I want to configure iptables such that it blocks everything except Date time synchronization over the internet using NTP and Access from machines in the LAN. I wrote the following script: # Reset ...