Newest firewall Questions

Q&A for system and network administrators

Proxy external connections to internal process requiring localhost clients

I have a daemon running on a CentOS (7) box that accepts raw TCP (not HTTP) connections, and I'd like to connect to the daemon from a remote machine via the internet. The problem is that the daemon ...

How to remove access to a port using firewall on Centos7?

Had a port opened up for public use using firewall-cmd, I wanted to limit this port to a specific IP which I found the answer for on this SITE. I used the following to open it: $ firewall-cmd --...

Error 407 with proxy enabled using Endian Firewall

I need to navigate on a web and enter user and a password. This is done from a PC with Windows 7. When I have the proxy of my Endian Firewall (hosted on another PC on my network) disabled from my ...

Murus firewall - redirect an ip to localhost web server

Using the hosts file, we can redirect a domain (example.com) to localhost: 127.0.0.1 example.com How can we redirect an IP (for example 35.166.133.11) to localhost (web server port 80) using Murus ...

Blocking a process to access certain urls

I would like to configure the firewall to block certain domains for a particular process. But these blocked domains should be available for use by other processes. How can I achieve this?

Firewall Logs in pfSense shows the WAN IP for NAT Connections

I have a hardware router running pfSense (version 2.3.2-RELEASE), and I am trying to get the Firewall configured. So far, I only have 2 ports connected, one for the WAN connection, and one for LAN. I ...

How to open the L2TP ports of the built-in firewall using the pfctl tool on El Capitan?

NB - Please comment if more information is required to clarify this question. Using the built-in firewall on a Mac Mini server running El Capitan 10.11.6 (15G1212) and a Netgear C7000-100NAS (for ...

Which Ports need to be accessible on a Domain Controller for Clients to logon? continued

With reference to one of the questions asked, "Which Ports need to be accessible on a Domain Controller for Clients to logon?", I have an aligned issue being faced. Please see the following ports which ...

VLANs can't access Internet through ASA firewall

I'm doing project of network in Packet Tracer, but I encountered a problem with connection between vlans and Internet. I have ASA5005, two layer 3 switches (3560, one for each building) and bunch of ...

Shorewall reporting martians

Running Shorewall v5.0.14.1 on Fedora Server 4.8.15-200.fc24.x86_64 configured with two interfaces (br0 and team0). Interface br0 connects to Internet while the team0 interface connects wireless ...

Using Centos Firewall how to assign multiple IPs to a Port? [duplicate]

Setting up a new zone, with a port that has restricted access to an IP address. How does one apply this to more than one IP? $ firewall-cmd --new-zone=special $ firewall-cmd --permanent --zone=...

Is Azure's default firewall for ResourceManager VMs bypassing/allowing/supporting UPnP requests?

When creating a VM with the new Resource Manager, I can see that the default Network Security Group restricts every incoming access to all ports (except the administration port, SSH/RDP), which makes ...

Site on IIS8 unreachable

I have a site on IIS8, but it is no longer reachable. It worked until three days ago. The site is bound correctly on IIS8 (https on port 8081 with a valid certificate). The port 8081 on the (Windows)...

SSH Jump Host WITHOUT Agent Forwarding

Although a simple question, I have searched for days without success. M = My machine J = Jump Host S = Server Jump Host has my public key on authorized_keys. Server has J's public key on ...

Netfilter - LAN -> VPN Clients

I have a remote office with a firewall running OpenVPN which clients can connect to. Firewall interfaces: * eth0 - 1.2.3.4 (public) * br0 - 192.168.1.1 (/24) * tun0 - 192.168.254.1 (/24, VPN clients)...

How to access my ftp server over the internet?

I have Windows Server 2016 running on an Azure VM, and I'm trying to get ftp running on it. FTP role is installed, ports 21 and 20 are opened in the firewall and in Azure portal. And still port 20 ...

Close default SSH Port On Centos

I have been getting 1000s of failed logins per hour over the past few weeks and I'm sure 99% of them are from bots. I have installed fail2ban and I've been blocking some subnets, but I have also ...

Windows Server 2008 No Source Network Address

In another thread someone responded that the IP Address of the source machine is shown in the logs "100% of the time". If I understand his answer correctly, that's not true. I would like to know ...

How to use IPv6 tunnel to allow a dynamic IP in (Windows) firewall

I am frequently changing locations and my client has to update their firewall rules to allow me access to various servers when my IP changes. I'm looking for a better solution. A couple of things ...

How to resolve “fail to connect to MySQL Server at localhost:3306 with user root”?

I have tried over and over to connect to the local server using MySQL Workbench 6.3 on my computer using the following parameters, but it won't let me connect. Do you think it is a firewall issue? ...

How to configure port access with restrictions for zabbix agent and server using firewall?

I have my Agent / Server configured correctly, I know this because it was working. I just made changes to the firewall on the agent side restricting access on port 10050, but permitting the Server ...

Give a Windows 2008 VM Internet access but block Host LAN access?

Securing a guest VM to give it internet access, but block access to host LAN The above was a similar question asked for Linux but the following has specifics that are different. We need to have ...

Firewall rules not working [on hold]

New cloud user here. I have a database running in an instance listening at port 27017. So I just went in the firewall rules, created one for tcp and udp for port 27017 from any computer. The firewall ...

Linux server icmp security

I have a Linux router, it is connecting to internet via pppoe with dynamic IP and I would like it NOT to respond to ping (or any other kind of icmp) from outside (internet), BUT I would like that ...

Cannot reach server from external network when docker is running on the host

I've got two (virtual) servers from an external provider which I can access from my local corporate network via a permanent VPN tunnel. I don't know the details of the network setup, but I can ping ...

Red Hat server blocking SSH from firewall but allowing from other machine behind same firewall

I have two Red Hat VMs behind a firewall with IPSec VPN access configured. Once I connect to the VPN, I cannot SSH into one of the machines (using terminal on the Mac). However, I can get into the ...

Firewall trouble when deploying Tomcat at CentOS

I am trying to deploy a Tomcat server in a CentOS environment, but it is not receiving requests. Executing startup.sh works properly and the logs show that tomcat is running 16-Dec-2016 13:36:58.440 ...

Windows firewall blocks port connection even though it's allowed

I have set up Windows firewall rules to allow port 443 and 9000 to be allowed through inbound and outbound connections, and allowed the apache httpd.exe through the firewall as well. But as shown by my ...

Allowing only outbound HTTP traffic through Cisco ASA 5505 with host filtering

I'm trying to only allow outbound HTTP traffic through a Cisco ASA 5505 8.3(1) with additional filtering using the host request header. But I can't get the host header filtering to work. All HTTP ...

Upload config to Cisco ASA 5505 via copy/paste (No TFTP)

I copy/pasted the running-config to a .txt file on my directly-attached PC. How do I paste or otherwise upload that config to the ASA? All resources I've found just talk about using TFTP, but there ...

How to mark packets depending on hostname?

We can mark packets on the basis of IP addresses in the following way - iptables -A FORWARD -t mangle -s 123.2.3.4 -j MARK --set-mark 1 How to mark packets depending on the hostname? I tried this - ...

Cisco ASA 5505 - Reload WITHOUT resetting to default config

Twice now I've run the 'reload' command on console on my ASA 5505 ver. 9.1(3), and it's completely wiped my config and reset to factory defaults. I've made sure I 'wr mem' before reloading. I saw an ...

Does a system with no running network services need a firewall?

I ask this with the default install of FreeBSD in mind. It has no network services activated and also no firewall installed. This is unlike many linux distributions which typically configure a basic ...

Sending message to two clients behind one public IP [closed]

So recently I have been developing a simple UDP server and client application (using C# with .NET), however I seem to have hit a dead end and am in need of advice. The current situation is that the ...

Firewall (pfSense) general, and block ssh attacks “newbie”

I am a little beginner in administration. Have a VPS on ovh.com, where I had expect 28 tries in 2 days from different IPs (usually China) to log on my ssh (late CentOS installed with Centos Web ...

Create group of ip ranges for network security groups in Azure?

Is there a way to group several IP address ranges in Azure? Usage example: I have a list of IP ranges from Salesforce that I want to whitelist for a bunch of NetworkSecurityGroups. Let's say ...

NoProxy only for main domain - cntlm

I am running Ubuntu in a corporate firewall with cntlm. For working with my local dev sites I have to insert them into the NoProxy like so: *.local. I have a problem with a site that I am running ...

AWS EC2 deny single ip address and allow all

I have an AWS EC2 instance and want to deny access on port 80 for a single IP address (a bad bot). The AWS console seems to support only "allow" rules. How do I deny a single IP address?

Simple ufw rule translated to fwbuilder (openvpn masquerade)

On my Ubuntu 16.04 OpenVPN server I tried to set the following ufw firewall rules using fwbuilder. I cannot find all the rule options in fwbuilder. Do you have any idea where are the missing rule on ...

How does the zScaler cookie authentication work?

I'm implementing a web filter for my organization and I'm considering zScaler. I do not want to use proxy PAC file. I just got off the phone with zScaler's sales and they claim that they can ...

Transparent Firewall using macOS pf [on hold]

I'm trying to setup a transparent firewall with a Mac mini running macOS Sierra. Basically I'm trying to do this (just with macOS): https://binblog.info/2012/06/26/a-transparent-firewall-using-openbsd/...

Recover from Cisco ASA 5508-X internal flash failure?

I was performing maintenance on a standby Cisco ASA 5508-X firewall that is part of a failover cluster. Upon reload, I noticed that the cluster status remained failed long after the unit should have ...

How can I route Multicast between segregated interfaces on Sonicwall

I realize this question might be a little too specific, and I've read all the other questions about multicast on VPN, multicast on multiple interfaces, etc. But, I've applied all the information ...

Allow single IP address in iptables and deny range

I have recently blocked whole range of IP addresses coming from China on my server, but I have to allow one or few. However I am not much familiar with iptables rules precedence. My rules regarding ...

Ubuntu wireless AccessPoint. How to measure data consumption for each connected IP

I need to measure a web site's data consumption. My plan is to use an Ubuntu PC as a wireless AccessPoint and use the Ethernet port as a gateway to the internet. On the Ubuntu, allow just the ...

Something closing SSH access on Plesk Onyx [on hold]

I am running a new VPS server from Heart Internet running Ubuntu 14.04.5 LTS and Plesk Onyx 17.0.17. I have enabled the Firewall extension and have modified the ssh port to use something non-standard....

Need a whitelist firewall software for Windows Server in Google Cloud

We are migrating to Google Cloud (GCE). We have an SFTP server running on Windows Server. We want to migrate this but we must have a white list filter and block all other SSH login attempts (I was ...

nftables configuration - allow mac on tcp port

I'm new to firewalls etc. I read the nftables quick reference on how to allow only my MAC address (my device - laptop, phone etc.), to allow my MAC to access the SSH port (port: 22). Tried that: ether saddr 00:00:...

Mysql connection not working with Windows Firewall on

Using Windows 7 Pro, Mysql server 5.7 installed on local pc. It was working till the pc moved to another private network. When I open Mysql Workbench and click the only connection I have, it doesn't ...

Configuring a port setting on Linux server

I'm trying to allow Internet traffic to port 7778 on my server, but am unable to do it correctly. Probably making some rookie mistake here. Can you help me diagnose and solve the issue? I simply did ...