  1. A

    How to use connection tracking with Forward?

    Hi everyone. I am setting up my firewall and want to close services, which open in docker too, in one place. So, my rules look like this: nft add table inet PREROUTING nft 'add chain inet PREROUTING lower_filter { type filter hook prerouting priority -130; policy drop; }' nft add rule inet...
  2. Terminal Velocity

    [solved] Enable DNS over TLS on Debian 11

    What I have tried: I followed this tutorial for Ubuntu: And in the ''Testing'' section they suggest to run from the terminal the command: sudo tcpdump -i 'port 853' In my system this command...
  3. C

    CentOS Stream 9 443 client request fail port 80 works (Firefox)

    Know nothing about Linux, having to set a box up for a consultant. Installed CentOS Stream 9 as a virtual on HyperV 2019 Enterprise. Traffic seems to route everywhere testing with Ping. Both curl and Firefox to the Internet fail on 443, but 80 works. Firewall is Fortigate. Inside the firewall...
  4. aleff

    Firewalling with iptables

    Hello everybody, I'm new here and I come because I need help because I'm not sure that I have firewalled my computer correctly. I used this instruction -P INPUT DROP -P FORWARD ACCEPT -P OUTPUT DROP -A INPUT -i wlp59s0 -m state --state ESTABLISHED -j ACCEPT -A OUTPUT -o wlp59s0 -m state...
  5. L

    Problems with Endian Firewall

    Hi everybody, first of all I'm sorry if my English shouldn't be good. Btw, I'm new with Endian FW and I'm having some issues. I successfully installed Endian on VMware ESXi, and I configured it. I have the configuration of a working firewall and I'm trying to replicate it. The schematic of the...
  6. S

    Firewall turns itself off....(SOLVED).

    Running Arch derivative EndeavourOS. Have noticed the firewall keeps turning itself off. Have run sudo ufw enable and sudo ufw status which states it's "active" but then I check on it again, a couple of log off/ins later and it's off, again. Anyone else experienced this?
  7. S

    Centos Network Proxy

    Hi, I have made CentOS ver 7.5 as a Proxy (Apache) Server and I want to redirect this server to firewall using proxy setting. Means all the traffic coming to this CentOS proxy server should go to my firewall. Currently this server setup is in DC and traffic goes like; Users PC >> CentOS Server...
  8. U

    IPtables rules to NFTables rules

    OS: Debian 11 x86_64 I am looking to convert some of my iptable rules to nftables. I have tried to use iptables-translate, but it is not translating all of my rules. My original iptables script: #!/bin/sh sudo apt install iptables # accept ports 500 and 4500, required for IKEv2 sudo...
  9. smooth_buddha

    Let's talk Linux security! What security programs, CLI tools, GUI tools do you use to keep your Linux system secure?

    Would love to hear what security tools, apps and programs any of you use to keep your system secure and safe, also any other security measures that you take like sandboxing or virtualization, or specific security based distros you like or prefer? I personally use clamav and clamtk ...
  10. CoolerVoid

    Create your hidden firewall kernel module

    HiddenWall is a Linux kernel module generator for custom rules with netfilter. (block ports, Hidden mode, rootkit functions etc). The motivation: on bad situation, attacker can put your iptables/ufw to fall... but if you have HiddenWall, the attacker will not find the hidden kernel module that...
  11. CoolerVoid

    Hidden Firewall in Kernel Module

    HiddenWall is a Linux kernel module generator for custom rules with netfilter. (block ports, Hidden mode, rootkit functions etc). The motivation: on bad situation, attacker can put your iptables/ufw to fall... but if you have HiddenWall, the attacker will not find the hidden kernel module that...
  12. D

    Can't connect to vsftpd via Windows FZ

    Hi, I created a FTP server on my linux machine, and I can access it from any other Linux machine, but I can't access it from Windows Filezilla. It is a misconfiguration of the server's firewall, because if I disable it, it works fine. Here is the vsftpd log of a correct connection made by an...
  13. Feriman22

    Portscan Protection

    Hi, based on this solution I wrote a shell script, which is blocking port scanning, so nobody can find (or much more slowly) your "hidden" SSH or FTP port. The protection is based on the built-in firewall. The script is stored on GitHub: Portcan Protection I hope you find it useful! Best Regards, Feriman
  14. Nemesis

    Adding program rules to ufw application.d open ports to ALL apps?

    Hi all! I've been looking around for a solution to specify ufw firewall rules for a specific program. I found out that using the applications.d should do the trick. However, upon adding the rules to the firewall, the firewall opens the port for all applications, not only the one I specified...
  15. Nemesis

    Blocking all outgoing ports not allowed?

    Hi all! I'm trying to block all outgoing ports, so only my VPN client can access the net. No, I'm not using the terminal, I'm running Linux Mint 19.2, and the firewall GUI. However, the firewall doesn't accept the ports (see screenshot). I can't press the add button, since it's grayed out. There...
  16. M

    Proxy and Firewall : What a relationship of rules between them.

    Hello everyone. Next, in my corporate environment, I have a Squid proxy and a PfSense firewall. My Squid is running perfectly and my PfSense is also in separate HOST. Each one with its respective IP. The doubt is as follows, I have rules that release and deny certain sites. I had the need to...
  17. M

    Blocking all IP's except for my public ip for ssh (UFW)

    Hello, I'm running a website on Apache2 Ubuntu 18.04 and I was wondering how to block all IP addresses except for my public IP address for ssh. Trying to lock the server down as much as I can.
  18. D

    Security and VPN's

    I'm a new convert to Linux and very much like the usability. My main concern when switching over was security as I handle some sensitive information on my computer, and maybe have an all too healthy sense of paranoia. This is partly my reason for switching over. I have an account with CactusVPN...
  19. Rob

    What are you guys using for firewalls at home?

    I've been using untangle on a Dell r210 for the past few years - it's based on Debian and has been pretty solid. I've been thinking of switching to pfsense though to see what the differences are.