Talk:Iptables
From Gentoo Wiki
(Redirected from Talk:Security Handbook/Firewalls and Network Security/iptables)
Jump to:navigation
Jump to:search
Note
Before creating a discussion or leaving a comment, please read about using talk pages. To create a new discussion, click here. Comments on an existing discussion should be signed using
Before creating a discussion or leaving a comment, please read about using talk pages. To create a new discussion, click here. Comments on an existing discussion should be signed using
~~~~:
A comment [[User:Larry|Larry]] 13:52, 13 May 2024 (UTC) : A reply [[User:Sally|Sally]] 16:00, 25 April 2025 (UTC) :: Your reply ~~~~
Navigate to first
firewall management
Talk status
This discussion is done.
webmin has a web based gui to easily generate rules. fwbuilder is also an easy way to generate rules....
http://www.iptables.info/en/iptables-gui.html
666threesixes666 (talk) 20:23, 4 November 2013 (UTC)
- Nothing to action here. Closing discussion. --Maffblaster (talk) 17:35, 21 February 2017 (UTC)
hierarchy
Talk status
This discussion is done as of 2024-05-26.
ip v6 second kernel box's hierarchy is messed up & i doubt its a functioning config. 666threesixes666 (talk) 05:32, 22 March 2014 (UTC)
- Did you mean the client or the router section? As for client, it's working with kernel 3.18 --Charles17 (talk) 12:25, 24 April 2015 (UTC)
Logging
Talk status
This discussion needs help as of 2024-05-26.
Tip: To get this fixed sooner, use {{Proposal}}.
Tip: To get this fixed sooner, use {{Proposal}}.
The following rules added to the end of my firewall.sh script were invaluable. I forget where I picked this scripting up from, likely Arch IPTables site, or one of the ask superuser sites. I don't think this required any additional modules, except the usual minimal Shorewall kernel modules for using IPTables. --Roger (talk) 04:28, 30 August 2016 (UTC)
CODE
# LOGGING
# Create a new chain called LOGGING.
iptables -N LOGGING
# Make sure all the remaining incoming connections jump to the LOGGING chain as shown below.
iptables -A INPUT -j LOGGING
# Next, log these packets by specifying a custom "log-prefix".
# FIXME: Requires additional NETFILTER_XT_MATCH_LIMIT kernel module
#iptables -A LOGGING -m limit --limit 2/min -j LOG --log-prefix "IPTables Packet Dropped: " --log-level 7
# FIXME: Without using NETFILTER_XT_MATCH_LIMIT, use the following rule instead:
iptables -A LOGGING -j LOG --log-prefix "IPTables PACKET DROPPED: " --log-level 7
# Finally, drop these packets too.
iptables -A LOGGING -j DROP
- Any ideas for how this could be incorporated into the article?
- — Waldo Lemmer 07:12, 26 May 2024 (UTC)