Tag: iptables

Making a service available on more ports with iptables

If you need services to be availble on multiple ports, you can use: iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 1000 -j REDIRECT --to-port 25 --match comment --comment "Explain." Read More »
By halfgaar, 1 year ago, on December 23, 2010, at 16:12 | No comments

Making a port forwarded machine available from within the LAN

When you forward a port to an internal machine on the network, you still can't access that host using your WAN-IP from within the LAN. This article explains it well. In short, it's because the reply the machine your connecting to makes, goes to the LAN IP directly, and not back through the router. Read More »
By halfgaar, 2 years ago, on July 23, 2010, at 13:07 | No comments

Saving and loading iptables rules on Debian

For some reason, Debian can't do "/etc/init.d/iptables save". So, we have to fix something ourselves. I used this article as source, which also has some useful comments. Apparently, the iptables initscript used to exist... Read More »
By halfgaar, 2 years ago, on February 03, 2010, at 14:02 | No comments

Convenient iptables rules

Here are some convenient iptables rules. This first list is for not allowing anything in, accept packets that come back from outgoing connections, complicated related traffic like FTP, everything from the localhost, ICMP (ping and stuff) and SSH. It also sets the default policy to DROP. This you would use on a machine connected directly to the internet. Read More »
By halfgaar, 2 years ago, on January 04, 2010, at 12:01 | No comments

Iptables rule to block access to our IMAP server

When migrating to Zimbra, I don't want people to fiddle with their mail when I'm doing it, so I disable IMAP access from anything but the virtual machine instance in which Zimbra is running. I do that with this: Read More »
By halfgaar, 2 years ago, on December 21, 2009, at 15:12 | No comments