Skip to main content

All Questions

Tagged with
Filter by
Sorted by
Tagged with
0 votes
1 answer
52 views

I keep receiving login attempt to my server until it gets down

I have a Centos7 server and after years of correctly working, yesterday it started to being unreachable (The server apps I have there were not rechable, the SSH connection gave timeout, etc but the ...
Faabass's user avatar
  • 103
1 vote
1 answer
364 views

Failover load balancing by iptables is possible?

I'm playing around with iptables in my home lab. My first goal is to take my active directory communication into one load balancing virtual IP. I used prerouting chain to do that. For testing purposes,...
Peet's user avatar
  • 21
0 votes
0 answers
433 views

How to alter firewall (iptables) log rules such that they stop flooding the primary console on AlmaLinux 8?

I have a constant deluge of firewall blocks showing up on my console in AlmaLinux 8: How do you modify iptables rules / settings so as to disable these from showing up on the primary console and to ...
ylluminate's user avatar
  • 1,207
-1 votes
2 answers
247 views

Firewall not keeping relay attempts from reaching postfix

I have a centos-based vps managed with webmin and every once in a while I get a few hundred emails like this one: From: MAILER-DAEMON@mail.<redacted>.com To: postmaster@<redacted>.com ...
alex_223's user avatar
  • 120
0 votes
1 answer
618 views

how to use firewalld in stateful mode

I have to setup an stateful firewall on centos8 using firewalld. I'm new to firewalld but have experience with old style iptables for this purpose. since it is recommended by Redhat here I prefer to ...
H. Far's user avatar
  • 21
3 votes
0 answers
4k views

how to allow outgoing traffic with firewalld / libvirt on CentOS 8?

I installed a CentOS 8 guest on a CentOS 8 host using libvirt. However firewalld is blocking all outgoing traffic from the guest to the internet unless I use target=ACCEPT for the libvirt zone. The ...
Felix Schwarz's user avatar
0 votes
2 answers
4k views

Can't access VNC port from local network

I've installed VNC on CentOS and enabled it on port 5901. I made sure that selinux, firewalld and iptables were disabled/stopped on the system for troubleshooting purposes. Now I can successfully ...
L.Ray's user avatar
  • 113
0 votes
1 answer
607 views

position and override the default nftables rules

I recently installed Centos8 on a virtual machine to try nftables as a replacement for iptables. I installed it by choosing the full server with GUI option. With nft list rulset I have a long output ...
Tiziano Pedrazzoli's user avatar
2 votes
2 answers
2k views

Block China on GCP/VM firewall

is there a way to geo block China from connecting my GCP VMs? I see this item in my billing: Network Internet Egress from Americas to China Can I block the whole lot? Is there a way to investigate ...
Boppity Bop's user avatar
0 votes
0 answers
94 views

Issue with firewalld and ebtables [duplicate]

I am just setting up a server that occupies firewalld as the main firewall, but I have a problem ... doing systemctl status firewalld it appears that the service is running, but with certain problems ...
Gabriel's user avatar
3 votes
1 answer
1k views

Firewalld forwarding same-zone traffic from Wireguard interface, without allowing access to Host-ports

I am running a RHEL-based Linux distribution on a VPS, that is supposed to be a VPN-Gateway Server. I am using Wireguard for interconnecting Clients with each other over this Gateway. The Server has ...
Raffael Rehberger's user avatar
1 vote
0 answers
50 views

Having a Secure / Copy Protected DESKTOP Environment in Cent OS Linux

We have a VPS / Bare-metal server rented on a data-center and we access them over internet through user ID and password. It is running CentOS 7. That is direct access and there's no VPN in between. We ...
SS891's user avatar
  • 81
0 votes
0 answers
13 views

Allow application through firewall Linux [duplicate]

I installed clean CentOS 8 machine. copied my app to it. started. i can get response by curl https://localhost:5001 -- insecure but if I try a local or external ip or browser from remote location for ...
Boppity Bop's user avatar
1 vote
1 answer
3k views

How to remove ipset entry with timeout from firewalld using firewall-cmd?

Using Centos 8 with firewalld. I created 2 ipsets, one permanent, one with timeout: firewall-cmd --permanent --new-ipset=blacklist_temp --type=hash:ip --option=timeout=86400 firewall-cmd --permanent --...
michnovka's user avatar
  • 130
1 vote
0 answers
163 views

Is iptables-save and iptables-restore works if I am using firewalld?

We are using docker-compose to run our services and firewalld as our firewall. Now we need to modify some firewall rules, but since firewalld has possible risk that remove DOCKER-USER iptables chain ...
jerryleooo's user avatar
0 votes
1 answer
334 views

How to block traffic to specific subdomain in OpenVPN?

I have an OpenVPN server with some vpn clients and I want to block access to this subdomain for all of the clients : teamspeak.site.com Is there any way to achieve this with OpenVPN configuration? If ...
Mr Pro's user avatar
  • 33
2 votes
1 answer
786 views

firewalld, `--add-rich-rule` and missing blacklist set

My server uses Centos8 quite recently installed (~1 year). After trying to ban an IP: firewall-cmd --permanent --zone=extz --add-rich-rule='rule family="ipv4" source address="49.88.112....
PeptideChain's user avatar
2 votes
1 answer
180 views

Deny port redirection based on source IP - firewalld

I'm trying to forward a port to an external IP using firewall-cmd, but I need to deny access from certain ips. To setup a port-forward of port 55500, I use: firewall-cmd --permanent --zone=public --...
Pedro Lobito's user avatar
0 votes
2 answers
1k views

Can't access tomcat externally in Centos 7

I just installed tomcat 8 on a Centos 7 server and I know it's working because I could get tomcat's index.html with wget http://localhost:8080. (I couldn't think of another way of testing in a remote ...
Christian's user avatar
  • 101
0 votes
1 answer
289 views

Single VPS, multiple IPs - different iptables rules based on IP

I currently have a VPS with just 1 IP address and I want to buy another IP and do the following: have one public IP with incoming requests allowed only on port 7777 (UDP) have a Mysql server running ...
Pixel's user avatar
  • 3
1 vote
0 answers
72 views

How to limit ICMP Echo requests to 5, then drop for at least 30s (if the pings stop) with iptables?

I tried it with following 2 lines iptables -A INPUT -p icmp --icmp-type 8 -i $EXT -m recent --set -j ACCEPT iptables -A INPUT -p icmp --icmp-type 8 -i $EXT -m recent --update --hitcount 5 --seconds ...
phil330d's user avatar
0 votes
0 answers
684 views

Strongswan Centos 7 Config Issue

I have a problem with configuring Strongswan on Centos 7 ! First please notice that I want to connect with only username and password and I don't want to import any profiles on my phone ! My server ip ...
master lfc6's user avatar
1 vote
0 answers
650 views

Why can't mount nfs server from client?

Follow these two guides installed NFS server and client: https://www.howtoforge.com/nfs-server-and-client-on-centos-7 https://www.howtoforge.com/tutorial/setting-up-an-nfs-server-and-client-on-centos-...
rawmain's user avatar
  • 311
1 vote
0 answers
2k views

Translating a firewall-cmd command to iptables command

I read here that iptables package is part of the Linux Kernel and that every GUI firewall tools are in the end translated in some kind of iptable rules. Now I am setting up Centos 8 server folowing ...
71GA's user avatar
  • 403
0 votes
0 answers
287 views

centos blocking 22 port even if firewall close

I'm trying ssh connection to server but it gives port 22: Connection refused error. I checked firewall and it seems disabled I also checked port 22 with telnet command and it seems blocked.. How ...
Hasan Teoman Tıngır's user avatar
0 votes
1 answer
245 views

Is there any reason to keep firewalld running on a virtual machine with host firewall?

I'm setting up a CentOS 8 virtual machine created under Proxmox. Even when I choose the minimal install, I'm getting firewalld installed and enabled by default. If I activate Proxmox's built-in ...
BenMorel's user avatar
  • 4,607
0 votes
1 answer
42 views

centos firewall, split webtraffic based on subDomain name

I have a CentOS 7 firewall and 1 public IP available (I maybe get a second) and we have 2 subdomains crm.domain.com (its a appliance crm) www.domain.com (there should be the company website) How ...
pille's user avatar
  • 1
0 votes
1 answer
231 views

How to set firewall's log in debian?

I am familiar with debian,so i want to build my vps server with debian instead of centos. There are log file /var/log/firewalld both in centos and debian. In order to activate log function for ...
scrapy's user avatar
  • 337
0 votes
1 answer
926 views

NGINX/Apache does not respond to requests behind NAT

Warning: I am a newbie to NGINX. I used apache2 but on CentOS I am not used to the way it is set up and also I want to try NGINX since its newer and more modern. Edit: I have tested also with Apache(...
dodancs's user avatar
  • 103
0 votes
1 answer
270 views

CentOS - Forwarding all ports except one

It is possible to forward all ports (TCP/UDP) in a CentOS server except by the ssh/sftp port (TCP port 22). If it is possible how can I do this? I thought in something using "FirewallD". Thank you! ...
Eduardo Lucio's user avatar
0 votes
0 answers
50 views

after installed Lets encrypt SSL site is not opening

I am using apache web server on centos 7. I hosted some files, and i installed. after that site was working fine for http. Then i installed Lets encrypt SSL afte this site is not opening. I opend port ...
Vijayakumar JR's user avatar
0 votes
2 answers
187 views

Server's unusual outgoing traffic about 12K GB and Incurred high server traffic costs

Last night my server(centos5) had unusual outgoing traffic, About 12kGB and right now my server is down because I have to pay that traffic's cost. My server is a small server for a small App. I don't ...
Fcoder's user avatar
  • 351
2 votes
2 answers
6k views

How do I completely block port using firewalld?

Disclaimer: It's the first time I use firewalld, be gentle :) . I have a CentOS machine and I want to implement the following requirements using firewalld: Allow connections from anywhere to ports 1,...
Radu Murzea's user avatar
0 votes
1 answer
2k views

How to connect Linux Firewall IP whitelisting with database?

The problem is my dedicated box is getting ddosed. I would like to setup Linux firewall that would whitelist the ip addresses that would be listed in the database. Basically the process should be - ...
NBDY's user avatar
  • 3
4 votes
1 answer
5k views

Block only port from being accessed outside except localhost

On Centos 6 machine, how can I block port 8888 from being accessed except by localhost/127.0.0.1 only using iptables? Actually, I have another port that I want to listen on 8000 instead of 8888. ...
Jaz's user avatar
  • 41
3 votes
1 answer
13k views

Can't connect to mysql on remote server

I have several machines running CentOS, one of which is set up as the mysql server. I had been running this for a while, and was able to connect to mysql from the remote machines with no problem, but ...
Steven Linden's user avatar
0 votes
1 answer
226 views

Firewall block all but one ip spoofing

We have a server which accepts traffic coming from a few sources (ip addresses) and accept's it (using firewalld). All other traffic inbound is blocked. How likely is the risk that somebody ...
user1470265's user avatar
0 votes
1 answer
61 views

Two similar services, two IPs, one server?

I'm running a CentOS 7 box. On this box I have two services which should both be exposed using port 443 for HTTPS traffic. Using a reverse proxy is no option, one service cannot be reconfigured to ...
Robin Diederen's user avatar
0 votes
1 answer
4k views

CentOS 7 - firewalld[8509]: ERROR: COMMAND_FAILED

[root@localhost ~]# systemctl status firewalld -l ● firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: ...
Eric Kim's user avatar
  • 173
3 votes
1 answer
4k views

CentOS 7 SNMP port always closed

I have a CentOS 7 server in which I opened up ports for SNMP connections. Even though I can see the ports open here: [matias@Centos_7_VM ~]$ sudo firewall-cmd --list-all [sudo] password for matias: ...
Matias Barrios's user avatar
0 votes
1 answer
151 views

CentOS 6.8 dropping all connections

I have a CentOS 6.8 (Final) server (on Production). How can I allow the incoming connections to eth0 interface from a different private subnet? Currently, it is accessible on the same network (10.0.6....
Aouie's user avatar
  • 1
3 votes
3 answers
18k views

Why firewalld doesn't apply my drop rule?

In centos 7 I want to block traffic from a source IP (example 3.3.3.3) and for that I apply the following rule: # firewall-cmd --permanent --zone=drop --add-source=3.3.3.0/24 # firewall-cmd --reload ...
kockiren's user avatar
  • 886
2 votes
1 answer
1k views

How can I debug firewall settings in centos?

I'm trying to change my default ssh port to 21212 but something seems to be blocking the new port. After editing the ssh config and restarting the service, I can see from netstat -l that the sshd is ...
user2557789's user avatar
0 votes
0 answers
26 views

APF strangely blocks 443 port with specific time interval

I run on CentOS cloud server. Recently I installed SSL and enabled https for my site. After enabling https every 20-24 hours APF blocks 443 port but 80 is accessible as usual. After I restart APF 443 ...
taras's user avatar
  • 279
4 votes
2 answers
2k views

Configuring an alternate jail in fail2ban for manual use

I have a fail2ban instance that works well. But I also like to occasionally examine the logs manually and try to ID system probes that are working around my standard f2b definitions. What I'm ...
S.ov's user avatar
  • 411
2 votes
1 answer
426 views

Various firewall problems after VPS reboot [Firewall-cmd or iptables?]

CentOS 7, VPS NGinx, virtualmin, pm2, mongodb, mongo-express, openvpn Hi guys, im new to VPS and linux in general but loving the flexibility and things im learning so please stay with me as im sure ...
Cacoon's user avatar
  • 133
1 vote
1 answer
6k views

Firewalld Won't Start Due to Netfilter Issue

Firewalld won't start, and when executing 'systemctl status firewalld', I get the following errors: ERROR: Failed to read file "/proc/sys/net/netfilter/nf_conntrack_helper": [Errno 2] No such ...
James S.'s user avatar
1 vote
1 answer
472 views

added dns port to iptables but it's not open CentOS 7

I added the dns server ports to iptables and even the named service is listening on it when I check it with netstat but when I check the port from outside it's closed. iptables -n -L => output: ...
Saeid Raei's user avatar
1 vote
1 answer
3k views

Cannot Access RStudio Server On CentOS 7 Via Browser

I have a x86_64 system running CentOS 7. I have installed and configured R and RStudio Server on it, but not able to access it via http://<server-ip>:8787 as suggested by the documentation here. ...
Chetan Arvind Patil's user avatar
2 votes
4 answers
5k views

TFTP works localhost but not global

I have a TFTP server on Centos 7.4. The TFTP server is up and running and works well when trying to access a file, connecting on localhost. However, if I try to access the TFTP server from another ...
user440625's user avatar