Linux Iptables Just Block By Country

I admin an ecom website and a lot of bogus traffic comes from countries that do not offer much in commercial value. How do I just configure Apache or iptables to just refuse connections to certain countries? You can block traffic at either the Apache or the iptables level. I recommend iptables to […]

HowTo: Creating Firewall and Cluster Objects In Firewall Builder

Here I present an abbreviated explanation of the process of creating firewall and cluster objects. More detailed step-by-step guides are available in sections “Firewall Object” and “Cluster Object” of the Firewall Builder Users Guide. As usual, to create a firewall object I use the main menu item “Object/New object”, which opens a […]

Linux: 20 Iptables Examples For New SysAdmins

Linux comes with a host-based firewall called Netfilter. According to the official project site: netfilter is a set of hooks inside the Linux kernel that allows kernel modules to register callback functions with the network stack. A registered callback function is then called back for every packet that traverses […]

How to: Linux flush or remove all iptables rules

Here is a small script that does this. Debian or Ubuntu GNU/Linux does not come with any SYS V init script (located in the /etc/init.d directory). You create a script as follows and use it to stop or flush the iptables rules. Please don’t type rules at the command prompt. Use the […]

VPS iptables rule limit is too low

Configure passive ports range for ProFTPd

Usually, if a client is behind a firewall, they can only transfer files via a passive FTP connection. Edit /etc/proftpd.conf and specify the passive ports range. Place it in the ‘Global’ container: <Global> … … # Use the IANA registered ephemeral port range PassivePorts 49152 65534 </Global> Reference: proftpd.org Load […]

FreeBSD ipfw Traffic Shaping Firewall Script

# Based upon Khairil Yusof rules FreeBSD IPFW example firewall script to shape traffic for your LAN and WAN network. #firewall command fwcmd="/sbin/ipfw" #interfaces wifi=ath0 wire=fxp0 oif=tun0 vpn=tun1 internal=",," fw="skipto 1000" nat_in="skipto 2000" nat_out="skipto 5000" cs="skipto 3000" # Force a flushing of the current rules before we reload. $fwcmd -f […]

How-to: List/Ban IP

Banning an IP:
iptables -A INPUT -p all -s IPHERE/32 -j DROP
Unbanning an IP:
iptables -D INPUT -p all -s IPHERE/32 -j DROP
Listing the last five IPs with the most connections:
netstat -atnp -A inet | grep ":80" | awk -F " " '{print $5} […]