SOLVED -ip6tables - configurationHow can I set up GUFW so that only firefox connects to the internetiptables...
"Whatever a Russian does, they end up making the Kalashnikov gun"? Are there any similar proverbs in English?
Extension of 2-adic valuation to the real numbers
How much cash can I safely carry into the USA and avoid civil forfeiture?
What happens to Mjolnir (Thor's hammer) at the end of Endgame?
Can I grease a crank spindle/bracket without disassembling the crank set?
Was there a shared-world project before "Thieves World"?
How did Captain America manage to do this?
Why do distances seem to matter in the Foundation world?
Why was the Spitfire's elliptical wing almost uncopied by other aircraft of World War 2?
Can someone publish a story that happened to you?
Map of water taps to fill bottles
How do I check if a string is entirely made of the same substring?
Pulling the rope with one hand is as heavy as with two hands?
How could Tony Stark make this in Endgame?
Classification of surfaces
Re-entry to Germany after vacation using blue card
How to stop co-workers from teasing me because I know Russian?
Can we say “you can pay when the order gets ready”?
Minor Revision with suggestion of an alternative proof by reviewer
Dynamic SOQL query relationship with field visibility for Users
How exactly does Hawking radiation decrease the mass of black holes?
Which big number is bigger?
Pre-plastic human skin alternative
How do I reattach a shelf to the wall when it ripped out of the wall?
SOLVED -ip6tables - configuration
How can I set up GUFW so that only firefox connects to the internetiptables problemConfiguration of iptables (verfication, actives services, allow FTP)Want some advanced configuration with ufwFailed to start netfilter-persistent configurationForward FTP to another ServerSSH over VPN on Ubuntu Client Does not use Tun0Tor Browser Bundle/Tor and IPTables: Seeking a Working Setupftp port 21 and 20 not showingIPtables configuration
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}
I'm creating another thread for my ip6tables config.
ip6tables -F
ip6tables -X
ip6tables -t nat -F
ip6tables -t nat -X
ip6tables -t mangle -F
ip6tables -t mangle -X
ip6tables -P INPUT DROP
ip6tables -P FORWARD DROP
ip6tables -P OUTPUT DROP
# Autorise les connexions déjà établies et localhost
ip6tables -A INPUT -m state --state ESTABLISHED -j ACCEPT
ip6tables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
ip6tables -A INPUT -i lo -j ACCEPT
#ip6tables -A OUTPUT -o lo -j ACCEPT
#TOR
ip6tables -A OUTPUT -p tcp -m tcp --dport 9050 -j ACCEPT
# ICMP (Ping)
ip6tables -A INPUT -p icmpv6 -j ACCEPT
ip6tables -A OUTPUT -p icmpv6 -j ACCEPT
# DNS
ip6tables -A OUTPUT -p tcp --dport 53 -j ACCEPT
ip6tables -A OUTPUT -p udp --dport 53 -j ACCEPT
# HTTP
ip6tables -A OUTPUT -p tcp --dport 80 -j ACCEPT
#HTTPS
ip6tables -A OUTPUT -p tcp --dport 443 -j ACCEPT
# Mail SMTP
ip6tables -A INPUT -p tcp --dport 25 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 25 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 587 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 587 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 465 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 465 -j ACCEPT
#Transmission
ip6tables -A INPUT -p udp --dport 51413 -j ACCEPT
ip6tables -A OUTPUT -p udp --sport 51413 -j ACCEPT
# NTP (horloge du serveur)
ip6tables -A OUTPUT -p udp --dport 123 -j ACCEPT
# On log les paquets en entrée.
ip6tables -A INPUT -j LOG
exit 0
Everything works... except smtp. I just don't understand why. Can you please help me understand what's happening ?
Thanks in advance !
EDIT : solved !
networking security iptables firewall
asked 18 hours ago
redravenredraven
62
New contributor
redraven is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
I'm creating another thread for my ip6tables config.
ip6tables -F
ip6tables -X
ip6tables -t nat -F
ip6tables -t nat -X
ip6tables -t mangle -F
ip6tables -t mangle -X
ip6tables -P INPUT DROP
ip6tables -P FORWARD DROP
ip6tables -P OUTPUT DROP
# Autorise les connexions déjà établies et localhost
ip6tables -A INPUT -m state --state ESTABLISHED -j ACCEPT
ip6tables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
ip6tables -A INPUT -i lo -j ACCEPT
#ip6tables -A OUTPUT -o lo -j ACCEPT
#TOR
ip6tables -A OUTPUT -p tcp -m tcp --dport 9050 -j ACCEPT
# ICMP (Ping)
ip6tables -A INPUT -p icmpv6 -j ACCEPT
ip6tables -A OUTPUT -p icmpv6 -j ACCEPT
# DNS
ip6tables -A OUTPUT -p tcp --dport 53 -j ACCEPT
ip6tables -A OUTPUT -p udp --dport 53 -j ACCEPT
# HTTP
ip6tables -A OUTPUT -p tcp --dport 80 -j ACCEPT
#HTTPS
ip6tables -A OUTPUT -p tcp --dport 443 -j ACCEPT
# Mail SMTP
ip6tables -A INPUT -p tcp --dport 25 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 25 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 587 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 587 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 465 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 465 -j ACCEPT
#Transmission
ip6tables -A INPUT -p udp --dport 51413 -j ACCEPT
ip6tables -A OUTPUT -p udp --sport 51413 -j ACCEPT
# NTP (horloge du serveur)
ip6tables -A OUTPUT -p udp --dport 123 -j ACCEPT
# On log les paquets en entrée.
ip6tables -A INPUT -j LOG
exit 0
Everything works... except smtp. I just don't understand why. Can you please help me understand what's happening ?
Thanks in advance !
EDIT : solved !
networking security iptables firewall
asked 18 hours ago
redravenredraven
62
New contributor
redraven is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Thanks. But as indicated in said article "A much better idea would be to remove all the -A INPUT ... --sport rules and use just this single rule instead: iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT". I did that. And my iptables was working without any --sport
– redraven
18 hours ago
add a comment |
I'm creating another thread for my ip6tables config.
ip6tables -F
ip6tables -X
ip6tables -t nat -F
ip6tables -t nat -X
ip6tables -t mangle -F
ip6tables -t mangle -X
ip6tables -P INPUT DROP
ip6tables -P FORWARD DROP
ip6tables -P OUTPUT DROP
# Autorise les connexions déjà établies et localhost
ip6tables -A INPUT -m state --state ESTABLISHED -j ACCEPT
ip6tables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
ip6tables -A INPUT -i lo -j ACCEPT
#ip6tables -A OUTPUT -o lo -j ACCEPT
#TOR
ip6tables -A OUTPUT -p tcp -m tcp --dport 9050 -j ACCEPT
# ICMP (Ping)
ip6tables -A INPUT -p icmpv6 -j ACCEPT
ip6tables -A OUTPUT -p icmpv6 -j ACCEPT
# DNS
ip6tables -A OUTPUT -p tcp --dport 53 -j ACCEPT
ip6tables -A OUTPUT -p udp --dport 53 -j ACCEPT
# HTTP
ip6tables -A OUTPUT -p tcp --dport 80 -j ACCEPT
#HTTPS
ip6tables -A OUTPUT -p tcp --dport 443 -j ACCEPT
# Mail SMTP
ip6tables -A INPUT -p tcp --dport 25 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 25 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 587 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 587 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 465 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 465 -j ACCEPT
#Transmission
ip6tables -A INPUT -p udp --dport 51413 -j ACCEPT
ip6tables -A OUTPUT -p udp --sport 51413 -j ACCEPT
# NTP (horloge du serveur)
ip6tables -A OUTPUT -p udp --dport 123 -j ACCEPT
# On log les paquets en entrée.
ip6tables -A INPUT -j LOG
exit 0
Everything works... except smtp. I just don't understand why. Can you please help me understand what's happening ?
Thanks in advance !
EDIT : solved !
networking security iptables firewall
asked 18 hours ago
redravenredraven
62
New contributor
redraven is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
I'm creating another thread for my ip6tables config.
ip6tables -F
ip6tables -X
ip6tables -t nat -F
ip6tables -t nat -X
ip6tables -t mangle -F
ip6tables -t mangle -X
ip6tables -P INPUT DROP
ip6tables -P FORWARD DROP
ip6tables -P OUTPUT DROP
# Autorise les connexions déjà établies et localhost
ip6tables -A INPUT -m state --state ESTABLISHED -j ACCEPT
ip6tables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
ip6tables -A INPUT -i lo -j ACCEPT
#ip6tables -A OUTPUT -o lo -j ACCEPT
#TOR
ip6tables -A OUTPUT -p tcp -m tcp --dport 9050 -j ACCEPT
# ICMP (Ping)
ip6tables -A INPUT -p icmpv6 -j ACCEPT
ip6tables -A OUTPUT -p icmpv6 -j ACCEPT
# DNS
ip6tables -A OUTPUT -p tcp --dport 53 -j ACCEPT
ip6tables -A OUTPUT -p udp --dport 53 -j ACCEPT
# HTTP
ip6tables -A OUTPUT -p tcp --dport 80 -j ACCEPT
#HTTPS
ip6tables -A OUTPUT -p tcp --dport 443 -j ACCEPT
# Mail SMTP
ip6tables -A INPUT -p tcp --dport 25 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 25 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 587 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 587 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 465 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 465 -j ACCEPT
#Transmission
ip6tables -A INPUT -p udp --dport 51413 -j ACCEPT
ip6tables -A OUTPUT -p udp --sport 51413 -j ACCEPT
# NTP (horloge du serveur)
ip6tables -A OUTPUT -p udp --dport 123 -j ACCEPT
# On log les paquets en entrée.
ip6tables -A INPUT -j LOG
exit 0
Everything works... except smtp. I just don't understand why. Can you please help me understand what's happening ?
Thanks in advance !
EDIT : solved !
networking security iptables firewall
networking security iptables firewall
asked 18 hours ago
redravenredraven
62
New contributor
redraven is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 18 hours ago
redravenredraven
62
New contributor
redraven is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 15 hours ago
redraven
asked 18 hours ago
redravenredraven
62
New contributor
redraven is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 18 hours ago
redravenredraven
62
asked 18 hours ago
redravenredraven
62
62
New contributor
redraven is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
redraven is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
redraven is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
Thanks. But as indicated in said article "A much better idea would be to remove all the -A INPUT ... --sport rules and use just this single rule instead: iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT". I did that. And my iptables was working without any --sport
– redraven
18 hours ago
add a comment |
Thanks. But as indicated in said article "A much better idea would be to remove all the -A INPUT ... --sport rules and use just this single rule instead: iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT". I did that. And my iptables was working without any --sport
– redraven
18 hours ago
Thanks. But as indicated in said article "A much better idea would be to remove all the -A INPUT ... --sport rules and use just this single rule instead: iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT". I did that. And my iptables was working without any --sport
– redraven
18 hours ago
Thanks. But as indicated in said article "A much better idea would be to remove all the -A INPUT ... --sport rules and use just this single rule instead: iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT". I did that. And my iptables was working without any --sport
– redraven
18 hours ago
add a comment |
0
active
oldest
votes
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
redraven is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1138268%2fsolved-ip6tables-configuration%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
0
active
oldest
votes
0
active
oldest
votes
active
oldest
votes
active
oldest
votes
redraven is a new contributor. Be nice, and check out our Code of Conduct.
redraven is a new contributor. Be nice, and check out our Code of Conduct.
redraven is a new contributor. Be nice, and check out our Code of Conduct.
redraven is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Ask Ubuntu!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1138268%2fsolved-ip6tables-configuration%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Thanks. But as indicated in said article "A much better idea would be to remove all the -A INPUT ... --sport rules and use just this single rule instead: iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT". I did that. And my iptables was working without any --sport
– redraven
18 hours ago