• We had to restore from a backup today after a failed software update. Backup was from 0000 EDT and restored it at 0800 EDT so we lost about 8hrs. Today is 07/20/2024. More info here.


  1. U

    Which Linux firewall do you use?

    Hi, I'm new to this forum. Which firewall do use and why? I'm currently using ufw because I have (or had up until a week ago) no experience setting up firewalls but I was able to do what I wanted to do with ufw that is block all outgoing traffic on my computer to ports 80 and 443 and then...
  2. hal_sk

    Firewall basic settings

    Hello, I run VPS with public IP with mail and web server on it. I have heard it might be good idea to set up a firewall. So I did these ufw settings, hoping, it will only allow ssh, mail and web related ports. And then rebooted VPS. Status: active Logging: on (low) Default: deny (incoming)...
  3. CaffeineAddict

    Solved Are iptables an obstacle if using nftables?

    I have nftables configured and that's what's used for firewalling, but out of curiosity I've run iptables in terminal and figured out it's installed and configured to allow all traffic. I'm not sure how is it possible that 2 firewalls are installed at the same time. I don't know if iptables...
  4. T

    Blocking Apple DNS

    I want to block Apple services on Apple devices, primarily APNS (Apple Push Notification Service). My plan was as follows: Use a VPS (Virtual Private Server) with Squid Proxy and Adguard in Docker. This way, I can simply go to the Wi-Fi settings on my iPad, configure the proxy and DNS. Up...
  5. A

    How to use connection tracking with Forward?

    Hi everyone. I am setting up my firewall and want to close services, which open in docker too, in one place. So, my rules look like this: nft add table inet PREROUTING nft 'add chain inet PREROUTING lower_filter { type filter hook prerouting priority -130; policy drop; }' nft add rule inet...
  6. Terminal Velocity

    [solved] Enable DNS over TLS on Debian 11

    What I have tried: I followed this tutorial for Ubuntu: https://www.ubuntubuzz.com/2022/04/enable-browsing-with-dns-over-tls-dot-on-ubuntu-made-easy.html And in the ''Testing'' section they suggest to run from the terminal the command: sudo tcpdump -i 'port 853' In my system this command...
  7. C

    CentOS Stream 9 443 client request fail port 80 works (Firefox)

    Know nothing about Linux, having to set a box up for a consultant. Installed CentOS Stream 9 as a virtual on HyperV 2019 Enterprise. Traffic seems to route everywhere testing with Ping. both curl and firefox to the Internet fail on 443, but 80 works. Firewall is Fortigate. Inside the firewall...
  8. aleff

    Firewalling with iptables

    Hello everybody I'm new here and i come because i need an help because I'm not sure that i have firewalled correctly my computer. I used this instruction -P INPUT DROP -P FORWARD ACCEPT -P OUTPUT DROP -A INPUT -i wlp59s0 -m state --state ESTABLISHED -j ACCEPT -A OUTPUT -o wlp59s0 -m state...
  9. L

    Problems with Endian Firewall

    Hi everybody, first of all I'm sorry if my english shouldn't be good. btw, I'm new with endian fw and i'm having some issues. i successfully installed endian on vmware ESXI, and i configured it. I have the configuration of a working firewall and i'm trying to replicate it. the schematic of the...
  10. S

    Firewall turns itself off....(SOLVED).

    Running Arch derivative EndeavourOS. Have noticed the firewall keeps turning itself off. Have run sudo ufw enable and sudo ufw status which states its "active" but then I check on it again, a couple of log off/in's later and its off, again. Anyone else experienced this?
  11. S

    Centos Network Proxy

    Hi, I have made CentOS ver 7.5 as a Proxy (Apache) Server and I want to redirect this server to firewall using proxy setting. Means all the traffic coming to this CentOS proxy server should go to my firewall. Currently this server setup is in DC and traffic goes like; Users PC >> CentOS Server...
  12. U

    IPtables rules to NFTables rules

    OS: Debian 11 x86_64 I am looking to convert some of my iptable rules to nftables. I have tried to use iptables-translate, but it is not translating all of my rules. My original iptables script: #!/bin/sh sudo apt install iptables # accept ports 500 and 4500, required for IKEv2 sudo...
  13. smooth_buddha

    Lets talk Linux security! What security programs, CLI tools, GUi tools do you use to keep you linux system secure?

    Would love to hear what security tools, apps and programs any of you use to keep your system secure and safe, also any other security measures that you take like sandbox'ing or virtualization, or specific security based distros you like or prefur???? I personally use clamav and clamtk ...
  14. CoolerVoid

    Create your hidden firewall kernel module

    HiddenWall is a Linux kernel module generator for custom rules with netfilter. (block ports, Hidden mode, rootkit functions etc). The motivation: on bad situation, attacker can put your iptables/ufw to fall... but if you have HiddenWall, the attacker will not find the hidden kernel module that...
  15. CoolerVoid

    Hidden Firewall in Kernel Module

    HiddenWall is a Linux kernel module generator for custom rules with netfilter. (block ports, Hidden mode, rootkit functions etc). The motivation: on bad situation, attacker can put your iptables/ufw to fall... but if you have HiddenWall, the attacker will not find the hidden kernel module that...
  16. D

    Can't connect to vsftpd via Windows FZ

    Hi, I created a FTP server on my linux machine, and I can access it from any other Linux machine, but I can't access it from Windows Filezilla. It is a misconfiguration of the server's firewall, because if I disable it, it works fine. Here is the vsftpd log of a correct connection made by an...
  17. Feriman22

    Portscan Protection

    Hi, based on this solution I wrote a shell script, which is blocking port scanning, so nobody can find (or much more slowly) your "hidden" SSH or FTP port The protection based on built-in firewall. The script stored on GitHub: Portcan Protection I hope you find it useful! Best Regards, Feriman
  18. Nemesis

    Adding program rules to ufw application.d open ports to ALL apps?

    Hi all! I've been looking around for a solution to specify ufw firewallrules for a specific program. I found out that using the applications.d should do the trick. However, upon adding the rules to the firewall, the firewall opens the port for all applications, not only the one I specified...
  19. Nemesis

    Blocking all outgoing ports not allowed?

    Hi all! I'm trying to block all outgoing ports, so only my VPN client can access the net. No, I'm not using the terminal, I'm running Linux Mint 19.2, and the firewall gui. However, the firewall don't accept the ports (see screenshot) I can't press the add button, since it's grayed out. There...
  20. M

    Proxy and Firewall : What a relationship of rules between them.

    Hello everyone. Next, in my corporate environment, I have a Squid proxy and a PfSense firewall. My Squid is running perfectly and my PfSense is also in separate HOST. Each one with its respective IP. The doubt is as follows, I have rules that release and deny certain sites. I had the need to...