Linux: Iptables # 20 Allow ORACLE server incoming request?

Oracle is a powerful enterprise-class database server and by default it listens on TCP port 1521. The following iptables rule allows incoming client requests (opens port 1521) to the server IP address: iptables -A INPUT -p tcp -s 0/0 --sport 1024:65535 -d --dport 1521 -m state --state NEW,ESTABLISHED -j […]

Using NAT for container with private IPs

Usually you supply public IP addresses to your containers. Sometimes you do not want to (a shortage of IPs, etc.). This article describes how to use private IP addresses for containers, covering the prerequisites (IP forwarding and IP conntracks) and how to provide Internet access for a container. […]

Anti SYN Flood with IPTables

#!/bin/sh # A simple shell to build a Firewall anti SYN Flood # Under CentOS, Fedora and RHEL / Redhat Enterprise Linux # servers. # ---------------------------------------------------------------- # Written by LongVNIT # (c) 2009 lifeLinux under GNU GPL v2.0+ IPT="iptables" MODPROBE="modprobe" IF="eth0" IP="" PORT="22 80 443" CHECK_TIME=60 BAN_TIME=120 HITCOUNT=10 MOD="ip_tables ip_conntrack […]

Sending emails using a different IP address

You can send email from an additional IP of your server instead of the main IP by using an iptables SNAT rule. Here is the iptables command: iptables -t nat -A POSTROUTING -o eth0 -p tcp --dport 25 -j SNAT --to-source IPAddress where "IPAddress" is the additional IP of your server. […]

Linux: Block Port With IPtables

How do I block a port number with iptables under Linux operating systems? Port numbers are recognized by the Internet and other network protocols, enabling computers to interact with each other. Each network service on a Linux server has a well-known port number (see the /etc/services file). For example: TCP port 80: HTTP server; TCP port […]

How to Block Ftp Access/Port using iptables OR CSF?

The default firewall that comes with Linux is "iptables", and you can use iptables to block FTP access (port 21) on your server. Completely block FTP access on the server: # iptables -A INPUT -p tcp --dport 21 -j DROP Block FTP access for a specific IP address, say # […]

VPS iptables rule limit is too low.

You may come across a "numiptent" error message while restarting iptables or whatever firewall (say CSF) you have installed on your VPS. The error appears as follows: The VPS iptables rule limit (numiptent) is too low (200/250) – stopping firewall to prevent iptables blocking all connections There is a […]

HowTo: Add iptable modules on a VPS

If you receive the following error on restarting iptables on a VPS: error message: from firewall software ~ iptables: Unknown error 4294967295 you need to make sure the required iptables modules are loaded in the host server's kernel. You have to use modprobe to load the following modules in the […]

Howto: Open port using IPtables

How to open ports using iptables; see the following examples: Open port 25 (SMTP) for the SOURCE_IP address: iptables -A INPUT -p tcp -s SOURCE_IP --dport 25 -j ACCEPT Open port 22 (SSH) from SOURCE_IP to a specific DESTINATION_IP address: iptables -A INPUT -p tcp -s SOURCE_IP --dport 22 […]
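As an added example (not code from any of the posts excerpted above), here is a small POSIX shell firewall script that puts together the stateful allow rule from the Oracle and "open port" entries and the CHECK_TIME/BAN_TIME/HITCOUNT idea of the anti-SYN-flood script, implemented with the xt_recent match. The interface name eth0, the client network 10.0.0.0/24, the ports and the thresholds are assumptions for the example. Set DRY_RUN=1 to print the rules instead of applying them; applying needs root and the iptables, xt_conntrack and xt_recent modules. Unlike the Oracle rule, which uses -s 0/0 (any source), allow_port takes the client network so the listener is not exposed to the whole Internet, and every append is guarded with iptables -C so re-running the script does not duplicate rules.

```shell
#!/bin/sh
# Added example: idempotent iptables helper script. Not from any of the posts
# above; interface, networks, ports and thresholds are assumptions.
IPT="${IPT:-iptables}"
IF="${IF:-eth0}"
DRY_RUN="${DRY_RUN:-0}"   # DRY_RUN=1 prints the commands instead of running them

# Run (or print) one iptables command.
ipt() {
    if [ "$DRY_RUN" = 1 ]; then
        echo "$IPT $*"
    else
        "$IPT" "$@"
    fi
}

# Append a rule unless an identical one is already present: "iptables -C"
# exits 0 when the rule exists, so re-running the script adds nothing twice.
ipt_add() {
    if [ "$DRY_RUN" = 1 ] || ! "$IPT" -C "$@" 2>/dev/null; then
        ipt -A "$@"
    fi
}

# allow_port PORT [SRC_CIDR]: accept new TCP connections to PORT from SRC_CIDR
# plus the replies. Pass the client network; the default (any source) is what
# the "-s 0/0" Oracle rule does and exposes the listener to everyone.
allow_port() {
    port="$1"; src="${2:-0.0.0.0/0}"
    ipt_add INPUT -i "$IF" -p tcp -s "$src" --dport "$port" \
        -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
    ipt_add OUTPUT -o "$IF" -p tcp -d "$src" --sport "$port" \
        -m conntrack --ctstate ESTABLISHED -j ACCEPT
}

# synflood_guard "PORTS" CHECK_TIME BAN_TIME HITCOUNT: a source that sends
# HITCOUNT or more SYNs to one of PORTS within CHECK_TIME seconds is put on a
# ban list, and all its SYNs to that port are dropped for BAN_TIME seconds.
synflood_guard() {
    ports="$1"; check_time="$2"; ban_time="$3"; hitcount="$4"
    for p in $ports; do
        # 1. Still banned? (--rcheck does not refresh the timestamp, so the ban expires.)
        ipt_add INPUT -i "$IF" -p tcp --dport "$p" --syn \
            -m recent --name "ban_$p" --rcheck --seconds "$ban_time" -j DROP
        # 2. Record this SYN for the source address.
        ipt_add INPUT -i "$IF" -p tcp --dport "$p" --syn \
            -m recent --name "syn_$p" --set
        # 3. HITCOUNT or more SYNs within CHECK_TIME: add to the ban list and drop.
        ipt_add INPUT -i "$IF" -p tcp --dport "$p" --syn \
            -m recent --name "syn_$p" --rcheck --seconds "$check_time" --hitcount "$hitcount" \
            -m recent --name "ban_$p" --set -j DROP
    done
}

# The rule set. Order matters: loopback and established traffic first, then
# the rate limit, then the allows, and the default-deny policy last so a
# half-applied script cannot lock you out.
build_ruleset() {
    ipt_add INPUT -i lo -j ACCEPT
    ipt_add INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    synflood_guard "22 80 443" 60 120 10
    allow_port 22 10.0.0.0/24     # SSH from the admin network only (assumed)
    allow_port 1521 10.0.0.0/24   # Oracle listener from the client network (assumed)
    allow_port 80
    allow_port 443
    ipt -P INPUT DROP
}

# Apply only when explicitly asked: "sh firewall.sh apply" (DRY_RUN=1 sh firewall.sh apply to preview).
if [ "${1:-}" = "apply" ]; then
    build_ruleset
fi
```

Two limits of xt_recent to keep in mind: each list holds 100 addresses by default (the ip_list_tot module parameter) and remembers at most 20 packets per address (ip_pkt_list_tot), so a HITCOUNT above 20 needs the module loaded with a larger ip_pkt_list_tot.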

Iptables ip_conntrack: table full, dropping packet error and solution centos6

My CentOS 6 server is reporting the following message in /var/log/messages (syslog): ip_conntrack: table full, dropping packet. How do I fix this error? A: If you notice the above message in syslog, it looks like the conntrack table does not have enough entries for your environment. Connection tracking by default handles up […]
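As an added example (not part of the post or its answer), here is a POSIX shell helper that reports how full the conntrack table is, counts "table full, dropping packet" lines in a log file, and prints the sysctl settings for raising the limit. The file paths default to the nf_conntrack names under /proc/sys/net/netfilter; on a kernel that still uses the old ip_conntrack module (the one that logs the message quoted above) point COUNT_FILE and MAX_FILE at /proc/sys/net/ipv4/netfilter/ip_conntrack_count and ip_conntrack_max. The threshold, the new maximum and the log lines used in the usage are constructed for the example.

```shell
#!/bin/sh
# Added example, not from the post: conntrack table usage check.
# File locations are parameters (assumed defaults: the nf_conntrack names; the
# older ip_conntrack module exposed /proc/sys/net/ipv4/netfilter/ip_conntrack_*).
COUNT_FILE="${COUNT_FILE:-/proc/sys/net/netfilter/nf_conntrack_count}"
MAX_FILE="${MAX_FILE:-/proc/sys/net/netfilter/nf_conntrack_max}"

# conntrack_usage COUNT MAX: integer percentage of the table in use.
conntrack_usage() {
    echo $(( $1 * 100 / $2 ))
}

# conntrack_check [THRESHOLD_PCT]: print one status line; return 1 when usage
# is at or above the threshold (so it can sit in a cron job or a monitoring
# check) and 2 when the files cannot be read (module not loaded, wrong paths).
conntrack_check() {
    threshold="${1:-80}"
    count=$(cat "$COUNT_FILE" 2>/dev/null) || return 2
    max=$(cat "$MAX_FILE" 2>/dev/null) || return 2
    pct=$(conntrack_usage "$count" "$max")
    echo "conntrack: $count/$max entries in use ($pct%)"
    [ "$pct" -lt "$threshold" ]
}

# conntrack_drops LOGFILE: number of "table full, dropping packet" messages in
# a syslog file; the pattern matches both the ip_conntrack and nf_conntrack
# spellings of the message.
conntrack_drops() {
    [ -r "$1" ] || return 2
    grep -c 'conntrack: table full, dropping packet' "$1" || true
}

# conntrack_sysctl NEW_MAX: the settings to apply. The hash table that indexes
# the entries is sized separately from the entry limit; a common rule of thumb
# is NEW_MAX/8 buckets, written to the module's hashsize parameter.
conntrack_sysctl() {
    new_max="$1"
    echo "net.netfilter.nf_conntrack_max = $new_max"
    echo "# hashsize: echo $(( new_max / 8 )) > /sys/module/nf_conntrack/parameters/hashsize"
}

# Usage: "sh conntrack-check.sh check [threshold]"; exits non-zero when the table is nearly full.
if [ "${1:-}" = "check" ]; then
    conntrack_check "${2:-80}"
fi
```

Before simply raising nf_conntrack_max, look at what is filling the table: a flood of half-open connections or a very long net.netfilter.nf_conntrack_tcp_timeout_established will fill any limit, and each entry costs kernel memory, so the limit should follow the server's real connection load.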