How do I use iptables / kernel 2.4.x and RCF?
RCF Frequently Asked Questions
RCF doesn't support iptables yet. Not to worry, ipchains will be supported for quite some time in the 2.4 kernels. (Refer to netfilter.filewatcher.org/unreliable-guides/packet-filtering-HOWTO/index.html.) RCF will be ported to iptables eventually, but since defining a firewall with iptables is a far more complex matter than with ipchains, don't expect a reliable version (of any firewall for that matter) to come out soon. To use RCF with a 2.4 kernel you need to compile support for ipchains.

Can I use iptables?
Frequently Asked Questions - Linux-VServer
Yes, but right now only on the host (rootserver). Please realize that all traffic is local and will not touch the forward chain. capabilities are not enabled in kernel-setup please check that CONFIG_SECURITY_CAPABILITIES is loaded or included in the kernel. (check with "cat /path_to_kernel/.config

How do I use IPTABLES to limit PTP??
Wireless ISP Equipment Manufacture-Demarc Technology Groups
In this example you would allow all the traffic that you want on your network, then limit anything that does not match to a max of 25 connections, in effect limiting PtP and any unknown traffic:

Are there any easier ways to use these iptables rules?
Linux Gamers' FAQ
Yes, they are in the mistwall firewall package available here: http://www.timedoctor.org/files/mistwall.tar.bz2

How can I use IPTABLES under "advanced firewall and port forwarding"??
Wireless ISP Equipment Manufacture-Demarc Technology Groups
"iptables" commands can be entered into "advanced firewall and port forwarding" as and will be passed through to the firewall scripts, examples:

<|SNap|> will i be able to use iptables' nat table, prerouting, postrouting etc. with openwrt ?
OpenWrt
<|SNap|> i'll be buying a WLAN AP/Router the next week and ever since i saw openwrt i'm thinking of replacing my celeron 333 and using the wlan router to do the routing
<|SNap|> the thing is that USB (for a flash drive) would be a nice option, so i'm choosing between linksys wrt54g and asus wl500g
<[mbm]> they both work but more people have the wrt54g/wrt54gs (somewhat hard to find the asus in a retail store)
<|SNap|> i've read quite a few IRC logs from the openwrt page, foru.

These iptables rules do not seem to work for me, any ideas as to why?
Linux Gamers' FAQ
The iptables rules are written for PPP dial-up connections. You may need to change the -i ppp0 part to -i eth1 for some types of broadband connections. You will most likely have to change the IP value from 192.168.0.4 to the IP of the box on your network which is hosting the server.

Do I need extensive iptables knowledge?
FIAIF is an Intelligent Firewall
No, but you need to know basic firewalling and networking theory in order to exploit FIAIF to the fullest.

Do I need to compile iptables into the kernel?
Firewall Builder
Iptables can either be compiled into the kernel or as modules; it does not really matter. If some of the modules are missing, then the respective feature won't work and you will get an error trying to load the generated script. For example, if you compile everything into the kernel and leave the ipt_LOG module out, then logging will stop working and you will get errors trying to load rules with logging turned on.

Is the produced iptables firewall optimized?
FireHOL, Frequently Asked Questions
You have to understand that FireHOL is a generic tool. As such, you gain something and you lose something. Except for the fact that all FireHOL configuration rules take one iptables chain (that is, one "jump"), the produced rules are fully optimized. In many cases, this "jump" optimizes the firewall even further (for example in interface and router statements), while in other cases the "jumps" could be moved to a place where they are really necessary (it is not possible to avoid them).

Perhaps a combination of iptables, QoS, SNORT etc. would do the job??
LVS: Ipvsadm and Schedulers
Hmm, you might need to use QoS or probably better would be to write a scheduler which uses the rate estimator in IPVS.
2. ban a source ip if it goes beyond a certain number "requests-per-time-interval"
A scheduler could do that for you, although I do not think this is a good idea.
3.

Where's that dang IPTABLES script by Derek I keep hearing about?
Linux FAQ
Do you have other questions you'd like to see answered? Let us know. We can't guarantee we'll answer them, but you'll never know unless you ask!

<y354C> How do I get iptables running?
OpenWrt
<K'zan> [mbm]: That is what I am doing starting with the one in OpenWRT :-). This little box is really good for me :)

How do I tell my iptables-based firewall to allow Amanda through?
Chapter 19. Amanda FAQ
Use something like

    iptables -A INPUT -p udp -s $AMANDA_SERVER -d $AMANDA_CLIENT --dport 10080 -j ACCEPT

and load the ip_conntrack_amanda kernel module. I use the following in /etc/modprobe.conf:

    options ip_conntrack_amanda master_timeout=2400
    install ip_tables /sbin/modprobe --ignore-install ip_tables && /sbin/modprobe ip_conntrack_amanda

This sets the UDP timeout for Amanda packets to 2400 seconds, up from the default 300 (don't hold me to that, it might be 600).

How do I forward my Andrew Henderson's Sid Meier's Alpha Centauri games with iptables?
Linux Gamers' FAQ

    iptables -A PREROUTING -t nat -p udp -i eth0 --dport 32292:32996 -j DNAT --to 192.168.0.4:32292-32296

How do I lock a mac address to an IP using IPTABLES??
Wireless ISP Equipment Manufacture-Demarc Technology Groups
In this example the iptables command is saying, only allow traffic from 10.0.0.66 to MAC address 00:06:FB:45:45:FE

How do I build a transparent proxy using squid and iptables?
Problems at runtime
First, of course, you need a suitable DNAT or REDIRECT rule. Use REDIRECT only if squid is running on the NAT box itself. Example:

    iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to 192.168.22.33:3128

After that, you have to configure squid appropriately. We can only give short notes here, please refer to the squid documentation for further details. The squid.conf for Squid 2.

Why isn't the 'iptables -C' (--check) option implemented?
Problems at runtime
Well, first of all, we're lazy ;). To be honest, implementing a check option is almost impossible as soon as you start to do stateful firewalling. Traditional stateless firewalling bases its decision just on information present in the packet's header. But with connection tracking (and '-m state' based rules), the outcome of the filtering decision depends on header+payload, as well as header+payload of previous packets within this connection.

FAQ 42) How can I tell which features my kernel and iptables support?
Shorewall FAQs
Answer: Use the shorewall[-lite] show capabilities command at a root prompt.

    gateway:~# shorewall show capabilities
    Loading /usr/share/shorewall/functions...
    Processing /etc/shorewall/params ...
    Processing /etc/shorewall/shorewall.conf...
    Loading Modules..

I want to setup iptables, but the docs are hard to understand, how do I start?
redhat FAQ
We get this question a lot and it brings up a valid point. What is the point of a powerful program if one cannot configure it properly? A large share of the hosts that have been compromised were compromised as a result of user error and/or misconfiguration on the part of the system administrator rather than a security hole created by a bug in the software. So until man files and documentation provide more useful examples to supplement their explanations, one must look for alternatives.
