Posts tagged "iptables"
Linux Connection NAT Helper not Working
Some protocols need more than one TCP or UDP connection. For NAT to work, the firewall needs to open additional ports automatically to allow the client-server connections. Examples are FTP (port 21 handshake, additional ports for data) and PPTP (port 1723 for handshake, GRE (protocol 47) for payload). Since Linux kernel (~) 4.7 th...
Block Internet per User/Service
If you want to block network access for certain users on a Linux box, it's as simple as this:
    /sbin/iptables -I OUTPUT -m owner --uid-owner <USERNAME> -j DROP
<USERNAME> may also be the username of a running service.
Source IP Address Based on User
If you want to use different source IP addresses based on the logged-in user or running service on a Linux computer, you can use these simple commands:
    /sbin/ifconfig eth0:1 NEW-IP-ADDRESS netmask YOUR-NORMAL-NETMASK
    /sbin/iptables -t nat -A POSTROUTING -m owner --uid-owner USERNAME -j SNAT --to-source NEW-IP-ADDRESS...
Multiple Routing Tables with IPTables
Challenge: You have a Linux-based firewall that should forward all internal and external traffic of its connected clients through a VPN tunnel, while the traffic from the firewall itself should not go through the tunnel (e.g. the tunnel connection packets). Solution: There are lots of howtos for thi...