SOLVED -ip6tables - configurationHow can I set up GUFW so that only firefox connects to the internetiptables...

"Whatever a Russian does, they end up making the Kalashnikov gun"? Are there any similar proverbs in English?

Extension of 2-adic valuation to the real numbers

How much cash can I safely carry into the USA and avoid civil forfeiture?

What happens to Mjolnir (Thor's hammer) at the end of Endgame?

Can I grease a crank spindle/bracket without disassembling the crank set?

Was there a shared-world project before "Thieves World"?

How did Captain America manage to do this?

Why do distances seem to matter in the Foundation world?

Why was the Spitfire's elliptical wing almost uncopied by other aircraft of World War 2?

Can someone publish a story that happened to you?

Map of water taps to fill bottles

How do I check if a string is entirely made of the same substring?

Pulling the rope with one hand is as heavy as with two hands?

How could Tony Stark make this in Endgame?

Classification of surfaces

Re-entry to Germany after vacation using blue card

How to stop co-workers from teasing me because I know Russian?

Can we say “you can pay when the order gets ready”?

Minor Revision with suggestion of an alternative proof by reviewer

Dynamic SOQL query relationship with field visibility for Users

How exactly does Hawking radiation decrease the mass of black holes?

Which big number is bigger?

Pre-plastic human skin alternative

How do I reattach a shelf to the wall when it ripped out of the wall?



SOLVED -ip6tables - configuration


How can I set up GUFW so that only firefox connects to the internetiptables problemConfiguration of iptables (verfication, actives services, allow FTP)Want some advanced configuration with ufwFailed to start netfilter-persistent configurationForward FTP to another ServerSSH over VPN on Ubuntu Client Does not use Tun0Tor Browser Bundle/Tor and IPTables: Seeking a Working Setupftp port 21 and 20 not showingIPtables configuration






.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}







1















I'm creating another thread for my ip6tables config.



ip6tables -F
ip6tables -X
ip6tables -t nat -F
ip6tables -t nat -X
ip6tables -t mangle -F
ip6tables -t mangle -X
ip6tables -P INPUT DROP
ip6tables -P FORWARD DROP
ip6tables -P OUTPUT DROP

# Autorise les connexions déjà établies et localhost
ip6tables -A INPUT -m state --state ESTABLISHED -j ACCEPT
ip6tables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
ip6tables -A INPUT -i lo -j ACCEPT
#ip6tables -A OUTPUT -o lo -j ACCEPT


#TOR
ip6tables -A OUTPUT -p tcp -m tcp --dport 9050 -j ACCEPT

# ICMP (Ping)
ip6tables -A INPUT -p icmpv6 -j ACCEPT
ip6tables -A OUTPUT -p icmpv6 -j ACCEPT

# DNS
ip6tables -A OUTPUT -p tcp --dport 53 -j ACCEPT
ip6tables -A OUTPUT -p udp --dport 53 -j ACCEPT

# HTTP
ip6tables -A OUTPUT -p tcp --dport 80 -j ACCEPT


#HTTPS
ip6tables -A OUTPUT -p tcp --dport 443 -j ACCEPT


# Mail SMTP

ip6tables -A INPUT -p tcp --dport 25 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 25 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 587 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 587 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 465 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 465 -j ACCEPT


#Transmission
ip6tables -A INPUT -p udp --dport 51413 -j ACCEPT
ip6tables -A OUTPUT -p udp --sport 51413 -j ACCEPT


# NTP (horloge du serveur)
ip6tables -A OUTPUT -p udp --dport 123 -j ACCEPT

# On log les paquets en entrée.
ip6tables -A INPUT -j LOG


exit 0


Everything works... except smtp. I just don't understand why. Can you please help me understand what's happening ?



Thanks in advance !



EDIT : solved !










share|improve this question









New contributor




redraven is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





















  • Thanks. But as indicated in said article "A much better idea would be to remove all the -A INPUT ... --sport rules and use just this single rule instead: iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT". I did that. And my iptables was working without any --sport

    – redraven
    18 hours ago




















1















I'm creating another thread for my ip6tables config.



ip6tables -F
ip6tables -X
ip6tables -t nat -F
ip6tables -t nat -X
ip6tables -t mangle -F
ip6tables -t mangle -X
ip6tables -P INPUT DROP
ip6tables -P FORWARD DROP
ip6tables -P OUTPUT DROP

# Autorise les connexions déjà établies et localhost
ip6tables -A INPUT -m state --state ESTABLISHED -j ACCEPT
ip6tables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
ip6tables -A INPUT -i lo -j ACCEPT
#ip6tables -A OUTPUT -o lo -j ACCEPT


#TOR
ip6tables -A OUTPUT -p tcp -m tcp --dport 9050 -j ACCEPT

# ICMP (Ping)
ip6tables -A INPUT -p icmpv6 -j ACCEPT
ip6tables -A OUTPUT -p icmpv6 -j ACCEPT

# DNS
ip6tables -A OUTPUT -p tcp --dport 53 -j ACCEPT
ip6tables -A OUTPUT -p udp --dport 53 -j ACCEPT

# HTTP
ip6tables -A OUTPUT -p tcp --dport 80 -j ACCEPT


#HTTPS
ip6tables -A OUTPUT -p tcp --dport 443 -j ACCEPT


# Mail SMTP

ip6tables -A INPUT -p tcp --dport 25 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 25 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 587 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 587 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 465 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 465 -j ACCEPT


#Transmission
ip6tables -A INPUT -p udp --dport 51413 -j ACCEPT
ip6tables -A OUTPUT -p udp --sport 51413 -j ACCEPT


# NTP (horloge du serveur)
ip6tables -A OUTPUT -p udp --dport 123 -j ACCEPT

# On log les paquets en entrée.
ip6tables -A INPUT -j LOG


exit 0


Everything works... except smtp. I just don't understand why. Can you please help me understand what's happening ?



Thanks in advance !



EDIT : solved !










share|improve this question









New contributor




redraven is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





















  • Thanks. But as indicated in said article "A much better idea would be to remove all the -A INPUT ... --sport rules and use just this single rule instead: iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT". I did that. And my iptables was working without any --sport

    – redraven
    18 hours ago
















1












1








1








I'm creating another thread for my ip6tables config.



ip6tables -F
ip6tables -X
ip6tables -t nat -F
ip6tables -t nat -X
ip6tables -t mangle -F
ip6tables -t mangle -X
ip6tables -P INPUT DROP
ip6tables -P FORWARD DROP
ip6tables -P OUTPUT DROP

# Autorise les connexions déjà établies et localhost
ip6tables -A INPUT -m state --state ESTABLISHED -j ACCEPT
ip6tables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
ip6tables -A INPUT -i lo -j ACCEPT
#ip6tables -A OUTPUT -o lo -j ACCEPT


#TOR
ip6tables -A OUTPUT -p tcp -m tcp --dport 9050 -j ACCEPT

# ICMP (Ping)
ip6tables -A INPUT -p icmpv6 -j ACCEPT
ip6tables -A OUTPUT -p icmpv6 -j ACCEPT

# DNS
ip6tables -A OUTPUT -p tcp --dport 53 -j ACCEPT
ip6tables -A OUTPUT -p udp --dport 53 -j ACCEPT

# HTTP
ip6tables -A OUTPUT -p tcp --dport 80 -j ACCEPT


#HTTPS
ip6tables -A OUTPUT -p tcp --dport 443 -j ACCEPT


# Mail SMTP

ip6tables -A INPUT -p tcp --dport 25 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 25 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 587 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 587 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 465 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 465 -j ACCEPT


#Transmission
ip6tables -A INPUT -p udp --dport 51413 -j ACCEPT
ip6tables -A OUTPUT -p udp --sport 51413 -j ACCEPT


# NTP (horloge du serveur)
ip6tables -A OUTPUT -p udp --dport 123 -j ACCEPT

# On log les paquets en entrée.
ip6tables -A INPUT -j LOG


exit 0


Everything works... except smtp. I just don't understand why. Can you please help me understand what's happening ?



Thanks in advance !



EDIT : solved !










share|improve this question









New contributor




redraven is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












I'm creating another thread for my ip6tables config.



ip6tables -F
ip6tables -X
ip6tables -t nat -F
ip6tables -t nat -X
ip6tables -t mangle -F
ip6tables -t mangle -X
ip6tables -P INPUT DROP
ip6tables -P FORWARD DROP
ip6tables -P OUTPUT DROP

# Autorise les connexions déjà établies et localhost
ip6tables -A INPUT -m state --state ESTABLISHED -j ACCEPT
ip6tables -A OUTPUT -m state --state ESTABLISHED -j ACCEPT
ip6tables -A INPUT -i lo -j ACCEPT
#ip6tables -A OUTPUT -o lo -j ACCEPT


#TOR
ip6tables -A OUTPUT -p tcp -m tcp --dport 9050 -j ACCEPT

# ICMP (Ping)
ip6tables -A INPUT -p icmpv6 -j ACCEPT
ip6tables -A OUTPUT -p icmpv6 -j ACCEPT

# DNS
ip6tables -A OUTPUT -p tcp --dport 53 -j ACCEPT
ip6tables -A OUTPUT -p udp --dport 53 -j ACCEPT

# HTTP
ip6tables -A OUTPUT -p tcp --dport 80 -j ACCEPT


#HTTPS
ip6tables -A OUTPUT -p tcp --dport 443 -j ACCEPT


# Mail SMTP

ip6tables -A INPUT -p tcp --dport 25 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 25 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 587 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 587 -j ACCEPT
ip6tables -A INPUT -p tcp --dport 465 -j ACCEPT
ip6tables -A OUTPUT -p tcp --dport 465 -j ACCEPT


#Transmission
ip6tables -A INPUT -p udp --dport 51413 -j ACCEPT
ip6tables -A OUTPUT -p udp --sport 51413 -j ACCEPT


# NTP (horloge du serveur)
ip6tables -A OUTPUT -p udp --dport 123 -j ACCEPT

# On log les paquets en entrée.
ip6tables -A INPUT -j LOG


exit 0


Everything works... except smtp. I just don't understand why. Can you please help me understand what's happening ?



Thanks in advance !



EDIT : solved !







networking security iptables firewall






share|improve this question









New contributor




redraven is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




redraven is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited 15 hours ago







redraven













New contributor




redraven is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked 18 hours ago









redravenredraven

62




62




New contributor




redraven is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





redraven is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






redraven is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.













  • Thanks. But as indicated in said article "A much better idea would be to remove all the -A INPUT ... --sport rules and use just this single rule instead: iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT". I did that. And my iptables was working without any --sport

    – redraven
    18 hours ago





















  • Thanks. But as indicated in said article "A much better idea would be to remove all the -A INPUT ... --sport rules and use just this single rule instead: iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT". I did that. And my iptables was working without any --sport

    – redraven
    18 hours ago



















Thanks. But as indicated in said article "A much better idea would be to remove all the -A INPUT ... --sport rules and use just this single rule instead: iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT". I did that. And my iptables was working without any --sport

– redraven
18 hours ago







Thanks. But as indicated in said article "A much better idea would be to remove all the -A INPUT ... --sport rules and use just this single rule instead: iptables -I INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT". I did that. And my iptables was working without any --sport

– redraven
18 hours ago












0






active

oldest

votes












Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "89"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});






redraven is a new contributor. Be nice, and check out our Code of Conduct.










draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1138268%2fsolved-ip6tables-configuration%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























0






active

oldest

votes








0






active

oldest

votes









active

oldest

votes






active

oldest

votes








redraven is a new contributor. Be nice, and check out our Code of Conduct.










draft saved

draft discarded


















redraven is a new contributor. Be nice, and check out our Code of Conduct.













redraven is a new contributor. Be nice, and check out our Code of Conduct.












redraven is a new contributor. Be nice, and check out our Code of Conduct.
















Thanks for contributing an answer to Ask Ubuntu!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1138268%2fsolved-ip6tables-configuration%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

Why do type traits not work with types in namespace scope?What are POD types in C++?Why can templates only be...

Will tsunami waves travel forever if there was no land?Why do tsunami waves begin with the water flowing away...

Simple Scan not detecting my scanner (Brother DCP-7055W)Brother MFC-L2700DW printer can print, can't...