firewall

Strange dmesg UFW messages… lots of them

I’ve done some digging but haven’t been able to find anything that explains the message below, which I found in dmesg. It’s obvious the UFW firewall is blocking something, but I am not having any success in tracking down what is causing it. [1170462.231472] [UFW BLOCK] IN=ens3 OUT= MAC=01:00:5e:00:00:01:d8:d5:b9:00:68:9c:08:00 SRC=0.0.0.0 …

Total answers: 1

How to define port forwarding

I run a server with a web server running as a rootless podman container. This exposes ports 10080 and 10443 because, as a rootless container, it is not allowed to expose ports 80 and 443. So that my website can be accessed from outside, I use ufw as a firewall …

Total answers: 1

UFW Couldn't determine iptables version

I am building a custom embedded Linux platform based on the NXP i.MX8 with Yocto. I want to use UFW to set up the firewall. When I boot the system and try to use UFW it returns an error: Couldn’t determine iptables version. I have the iptables and nftables packages installed. …

Total answers: 1

nftables doesn't see KDE Connect packets between two machines on the same interface

I’m using nftables on a router running NixOS 22.11 (with the latest XanMod kernel patches and acpid as well as irqbalance enabled). The machine has 3 interfaces: enp4s0, which is connected to the internet, and two local WiFi access points serving distinct …

Total answers: 1

strange entries in ufw log

I have a very permissive firewall configuration, where I have almost all ports open: $ sudo ufw status verbose Status: active Logging: on (low) Default: allow (incoming), allow (outgoing), deny (routed) New profiles: skip To Action From -- ------ ---- Anywhere ALLOW IN 127.0.0.1 Anywhere ALLOW IN 10.0.0.0/16 53 DENY …

Total answers: 1

IP addresses of ubuntu servers which apt-get connects

My server uses Ubuntu 22.04 LTS. I have a very restricted firewall (UFW), that is, I have run these commands: sudo ufw default deny outgoing sudo ufw default deny incoming But I would like my system to be updated, so I need to enable only the necessary …

Total answers: 1

what is 'target: default' of a zone's configuration in firewalld?

I am currently using an Ubuntu 20.04 machine and installed firewalld as the firewall manager service. While looking at the configuration of the ‘public’ zone, I can see the following: public (active) target: default icmp-block-inversion: no interfaces: eth0 sources: services: dhcpv6-client dns http https mysql squid …

Total answers: 1

UFW not blocking connection

I am using the Cloudflare IPv4 and IPv6 lists to block all connections to my server from any IP that is not owned by Cloudflare. When I run sudo ufw status on the server I get: Status: active To Action From -- ------ ---- 80,443/tcp ALLOW 173.245.48.0/20 # Cloudflare IP 80,443/tcp …

Total answers: 2

What is the correct way to increase nf_conntrack in ubuntu 18.04?

Yesterday I had issues with my database server dropping packets with: [Tue Feb 28 21:01:00 2023] nf_conntrack: nf_conntrack: table full, dropping packet I know there are plenty of solutions, easy to find on Google, to increase the table size. So I did sysctl -w …

Total answers: 1

How to block connection from eth1 through firewall daemon?

I have Debian 11 using the new Firewall Daemon, and I have a device connected to eth1. I want to block all connections from the internet or any IP other than the local IPs in the range 10.147.20.0/24. Is it possible using the firewall? I tried the block zone, …

Total answers: 1

How to secure the tap interface with nftables

A QEMU VM can be connected to a LAN mainly in two ways: type=user or type=tap. User mode completely isolates the VM in a private network, which is SNATed to the host's main network stack. Using tap is more complicated; it needs a virtual bridge to become …

Total answers: 1

NFTables and g(ufw)

I am going to install Xubuntu 22.04 on one of my computers and I have a question about the firewall. As I understand it, Ubuntu uses NFTables now. I have noticed some information about Debian (which is the base for Ubuntu) using NFTables now. And the Debian wiki says: If you want to enable a default …

Total answers: 2

UFW not fully loading rules on startup

I have a server with default deny and several UFW rules. UFW is enabled on startup (systemctl enable ufw). When I reboot, some of the rules don’t get applied properly and I can’t access some services. I can SSH into the server, and the lower ports (<1024) …

Total answers: 1

Not able to run application using external IP in GCP

I have set up an Ubuntu 18.04 machine with 16 GB memory in GCP. I have reserved a static address and created a firewall rule where I have allowed TCP port 8888. The IP range I have given is 0.0.0.0/32. I installed jupyter lab and it's running fine on …

Total answers: 2

iptables to block http and ssh in one direction

I have a topology where there is a Linux machine acting as a router that connects two other Linux machines, and I want to use iptables to filter SSH and HTTP in one direction. I used the code below, but it didn’t work! I really appreciate any help you can …

Total answers: 1

How to find out the program from iptables log

Testing ping on Ubuntu 22.04: Host A IPv6: 1111:1111:1111:1111:1111:1111:1111:1111 Host B IPv6: 2222:2222:2222:2222:2222:2222:2222:2222 Host A: Now execute a ping from Host A with the following bash command: root@host_a:~# ping -6 2222:2222:2222:2222:2222:2222:2222:2222 Host B: iptables dropped some packets and logged them to the file: Dec …

Total answers: 1

My Ubuntu Server Ports got locked

I just tried to connect to my Jenkins on my VPS as usual. When I try to access the URL it returns the error code ERR_CONNECTION_TIMED_OUT. This happens as well with port 8080 for my website and other ports. I can connect to my SSH session. The ports are …

Total answers: 1

Should I be concerned about this UFW-blocked traffic?

I just installed ufw on a newly provisioned Ubuntu 22.04 Server. It is currently set up to deny all traffic except SSH on an alternate port. I’m getting this pattern of blocked traffic: Oct 6 10:09:57 mydomain kernel: [ 285.236376] [UFW BLOCK] IN=eth0 OUT= MAC=[myMACaddress] SRC=92.63.197.132 …

Total answers: 1

How do we access the "icmp" protocol in ip6tables?

The ip6tables command accepts the icmp and icmpv6 protocols: $ sudo ip6tables -A INPUT -p icmp -j ACCEPT $ sudo ip6tables -A INPUT -p ipv6-icmp -j ACCEPT However, when I test with the ping command: $ ping6 fe80::a00:1234:1234:1234%eth1 I never hit the icmp rule: Chain INPUT (policy …

Total answers: 1