Skip to content

Tag: iptables

Iptables: limiting amount of connections per IP

Short and improved version of this. Read More »

Making a service available on more ports with iptables

If you need services to be availble on multiple ports, you can use: iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 1000 -j REDIRECT --to-port 25 --match comment --comment "Explain." Read More »

Making a port forwarded machine available from within the LAN

When you forward a port to an internal machine on the network, you still can't access that host using your WAN-IP from within the LAN. This article explains it well. In short, it's because the reply the machine your connecting to makes, goes to the LAN IP directly, and not back through the router. Read More »

Saving and loading iptables rules on Debian

For some reason, Debian can't do "/etc/init.d/iptables save". So, we have to fix something ourselves. I used this article as source, which also has some useful comments. Apparently, the iptables initscript used to exist... Read More »

Convenient iptables rules

Here are some convenient iptables rules. This first list is for not allowing anything in, accept packets that come back from outgoing connections, complicated related traffic like FTP, everything from the localhost, ICMP (ping and stuff) and SSH. It also sets the default policy to DROP. This you would use on a machine connected directly to the internet. Read More »

Iptables rule to block access to our IMAP server

When migrating to Zimbra, I don't want people to fiddle with their mail when I'm doing it, so I disable IMAP access from anything but the virtual machine instance in which Zimbra is running. I do that with this: Read More »