Comments:
<0> you are right
<1> Hi everyone :) i forward my connection like this and ping both hosts in ~34.x ms: iptables -t nat -A PREROUTING -d 62.18.15.2 -p tcp --dport 22001 -j DNAT --to-destination 10.0.1.2:22 the connection is very slow and i don't get why
<1> and also, one of my colleagues complains it disconnected him..
<1> "reset by peer"
<1> but when i access this server through ssh from a server, without this routing thing... it works
<1> any idea ?
<1> would it be due to the fact i route to an other port in pre-routing ? should i do it like in postrouting so it rewrites the packets ?
<2> trappist: Ping?
<3> no pong
<4> trappist: Hello, how are you all the time? :-)
<4> trappist: Did you try some methods of how to defend against the Yersinia tool as we talked about yet? I have had no time to do it since the time. :-(
<4> trappist: I even did no closer look at it, because my job actually is offending all time I have... :-(
<5> yo
<5> can i get any debug for ip_gre?
<6> hi all
<7> anyone been able to compile iptables with IMQ with latest iptables?
<7> or with layer7 filtering?
<7> neither will compile for me
<6> pls help, I have 2 ifaces (net, lan) how can I hide 445/tcp from the net interface and only available for lan iface, pls write an iptables rule?!
<5> southern: input, forward, or output?
<5> southern: iptables -A FORWARD -p tcp --dport 445 -i net -j DROP
<5> something like that anyway, you go mod that to your needs
<6> MrEntropy: I mean if anybody do nmap my host be hide ...
<6> thank you
<6> testing...
<6> MrEntropy: pls help, I put it in my rule -> $ nmap localhost -> still visible 445/tcp
<5> southern: dood, that's a forward rule, it won't stop you from accessing your own machine
<6> lol :DDD sorry
<6> thank you
<8> I think I've found an upper-limit in iptables
<8> I have 68.142.0.0/24 blocked, and there are hits coming in from ips in that range
<8> -A INPUT -s 68.142.0.0/255.255.255.0 -p tcp -m tcp --dport 80 -j REJECT --reject-with icmp-port-unreachable
<8> And these just came in:
<8> 68.142.250.80 [24/Feb/2006:22:36:39 -0500] "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
<8> 68.142.251.142 [24/Feb/2006:22:36:39 -0500] "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
<8> 68.142.250.138 [24/Feb/2006:22:36:52 -0500] "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
<8> How can I stop/block these?
<8> I have 2,565 separate rules defined, all unique
<5> setuid: mwohohohoa! that's a lot!
<8> Just pared it down to 2,131 with some more /24's
<8> 2,103 now
<5> setuid: you're decreasing? comon! test it out
<8> Just cleaning up groups
<8> yahoo and msnbot are the absolute worst http offenders
<8> I don't know what children they hired to write their spiders, but they need to grow up
<8> # iptables-save | wc -l
<8> 1751
<8> Getting closer to manageable
<8> # iptables-save | grep "dport 25" | wc -l
<8> 1639
<8> ****ing spammers
<5> nasty, scheming, filthy spider-writing children, to the orphanage with you all!
<8> Exactly
<8> Actually, it's the malware I block on port 25
<8> I wish I could cause the rules to time out on their own
<8> Like say... 3.5 days
<8> So they're blocked for 3.5 days and iptables purges them on their own
<5> you could always script that
<8> With a cron job, sure
<8> # zgrep blackholes mail.log* | wc -l
<8> 7690
<8> sigh
<9> is it possible to tell all outgoing traffic on one interface to instead go through another interface? ex: all traffic outgoing through eth1 to go through eth0?
<10> jgor: you want redirect or mirror?
<9> redirect
<11> I was just going to ask setuid why he was doing this, he should just start with updating his bogon filters
<11> then using include
<12> hey
<12> i just got back from seattle
<12> how are things here
<11> I have to fix up a windoze computer with tons of viruses and spyware, and I can't reformat it
<11> on the bright side, I found computers that use windows embedded on a 2G flash drive, with a separate drive for data, are really awesome!
<11> they work just like deepfreeze
<12> why don't you use vmware, make a nice clean image, when they screw it up, just copy your clean image again
<12> that's what i do at the VA hospitals
<11> no original disk
<11> some off-brand company too
<11> doing it for a friend
<12> ah, he must have porn then
<13> she
<12> ah ha
<13> argg, fscking nicks
<14> I wish I could keep my nickserv p***words
<14> straight
<12> where did you find this usb windows boot image from
<12> would like to see that
<13> usb windows boot image?
<13> oh, for the flash drive
<12> you have to buy the usb drive with the image on it?
<13> computer was bought from a company
<13> wasn't a usb drive
<12> oh
<13> the flash drive was embedded on the computer as the secodary master controller
<13> secondary*
<12> ah now i get it
<13> and we put a 2 gig flash drive in it with windows embedded
<12> that will be an extra cost then for me to put flash drives on all machines if i want to do it that way
<13> really, really stripped down version of windows
<13> but, the only way to save to the flash drive so things are saved after reboot is ewfmgr c: -commit in a cmd prompt
<13> anyway, her computer ****s
<12> did you make the flash image yourself?
<13> the tip of the power cord melted into the computer
<13> no, company did
<12> ah ok
<13> I'll get the name on monday if you want it
<12> i've not seen a bootable, live cd type windows OS, usb boot or flash boot
<12> would like to use it, will be faster than vmware
<13> damn this system loves to lock up
<13> the power cord actually gets really hot on it too
<13> I think I'm going to force her to buy a dell or hp
<13> I wish there was a decent company to buy laptops from :(
<13> since both of those ****
<12> get that alien thingie
<12> they make nice laptops
<13> yeah, but they're expensive and heavy
<12> yup, that they are
<13> or have they come out with consumer laptops now?
<13> her current computer has a 12" screen, weighs nothing
<12> damn
<12> hey her a tablet
<12> those have come down in price and are very compact
<12> you can buy a tablet with linux on it now also
<12> voice rec and all installed on it
<13> she will kill me if I say linux
<12> stick on kde with windows theme, she will never know it's linux
<15> how do I block a network from all services on a server?
<15> I see that "-A INPUT -s 1.2.3.4 -j DROP" will block a single host, but I'd like to block a whole country or three :)
<13> 1.2.0.0/16
<13> qbwdp: until she tries to install kazaa again or something
<12> oh yes, kazaa still going hot then
<13> of course
<13> damn I'm getting tired
<13> and I still have to modify my laptop tonight
<13> my pcm/cia slot got jammed in
<12> oh no
<13> yeah, dropped it straight on my work's sprint wireless card
<13> wireless card survive, but my slot didn't
<13> I think I shall go get that now
<16> killermach: read up about CIDR addressing. Google can help.
<13> I'm going all out with a soldering iron tomorrow
<13> just took apart every single piece of my dell laptop
<17> I'm not finding much help for a particular problem: I have one ethernet card, with two interfaces, eth0 at 192.168.1.210 and eth0:1 at 192.168.1.211... broadcast packets (UDP I think) only appear to go to eth0, but I'd like them to go to both.
<5> yo
<5> how can i get a list of which pci device is which ethN interface?
<17> don't know, but I think you just gave me a clue on my problem =), eth0 bcast = 192.168.1.255, eth0:1 bcast=192.168.255.255
<16> dmesg
<16> If your klogd buffer has lost the boot messages, perhaps your distro saves a copy of it. Slackware has /var/log/dmesg.
<16> eth0 and eth0:1 are only one interface. And if they're in the same subnet as appears likely, only one can be the default for that subnet.
<18> is there a way i can block all ip's that resolve to say, *.tw without having to have a script reading from a database?
<17> and a subnet broadcast can only go to one alias on an interface? the server I'm running is emulating a hardware upnp/http device, and I'm trying to have one computer pretend to be multiple devices.
<16> Strykar: not really, no. You can find what netblocks have been allocated to a country and block those.