Questions tagged [rules]
The rules tag has no usage guidance.
137
questions
17
votes
3
answers
61k
views
Open Windows Firewall to all connections from specific IP Address
Is it possible to "whitelist" an IP Address in the Windows Firewall and allow all connections from that specific address?
15
votes
2
answers
50k
views
Nginx multiple roots
I'd like to divert off requests to a particular sub-directory, to another root location. How? My existing block is:
server {
listen 80;
server_name www.domain.com;
location / {
...
6
votes
2
answers
6k
views
Restoring iptables at boot (rc.local)
I have saved my iptables rules using the iptables-save > command and i am trying to restore these rules when the machine boots up. I have added the command iptables-restore < "path to rules file"...
6
votes
3
answers
6k
views
Firewall questions about state and policy?
I finally managed to install my VM host and now I am messing with iptables to create, test and learn.
Does it matter if i put the below
rules at the begin or at the end of
my rules ?
$IPT -P INPUT ...
5
votes
2
answers
12k
views
Blocking a network device from communicating with another device on the LAN
I have been working with the firewall/router distribution Pfsense for a while now and I have been trying to figure out how to "isolate" a server on my LAN from other computers on my LAN by using deny/...
4
votes
1
answer
4k
views
How do iptables work with NFQ in terms of traffic shaping in snort?
I'm trying to understand how iptables and NFQ work together with snort.
The reason that I ask this is because from what I understand snort can be set to IPS via NFQ but if you have iptables there ...
3
votes
2
answers
21k
views
How long does it take for an Exchange Transport Rule to STOP applying after it is deleted?
Yesterday my company was hit with a new trojan that uses the old social method of "it came from someone I trust" to suspend user's suspicion (and rationality) and it was opened and run.
During the ...
3
votes
1
answer
80
views
Need advices on iptables
Helly guys ! :-) .
I need a (several?) advice(s) from you about my iptables setup.
I'm pretty new to iptables, and this is the first time I configure a server with iptables ONLY as a firewall (we don'...
3
votes
2
answers
3k
views
Default Centos 5.4 iptables rules?
For what are these rules in the default iptables shipped with centos 5.4 ?
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d ...
3
votes
2
answers
250
views
Internet facing Hub Transport Exchange server with Internet restricted users and a Canon Copier
This is a rather convoluted problem but I hope that someone out there has experienced a similar situation. Here are the facts of what is happening:
We have a single Exchange 2010 server that is ...
3
votes
1
answer
498
views
Force users to use BCC
I want to force users sending mail to my server to use BCC (we're
getting a lot of internal spam created by mailings to 30+ mailing
lists which then reply to all).
I thought spamassassin could be a ...
3
votes
1
answer
3k
views
allow only one ip and block others by using cmd in windows firewall
I want to allow one IP address that can connect to internet (whitelist) and block others' connections through internet using Windows Firewall on Server 2008 using command prompt.
Is it possible to ...
3
votes
1
answer
4k
views
ConnectionFailedTransientException on New-InboxRule
I am trying to create Mailbox Rules on my users to automatically Junk mail marked as SPAM by our MTA.
Using my main account as a test account, I am running the following:
new-inboxrule -name “Auto-...
3
votes
2
answers
2k
views
iptables 1.4 and passive FTP on custom port
after the upgrade from debian squeeze to wheezy I've got a problem with passive FTP connection.
I could narrow it to be iptables related, as I could connect via FTP w/o problems after adding my IP to ...
3
votes
1
answer
465
views
Windows firewall - let an application only access 2 ips (outbound)
How do I create a Windows firewall rule that lets application X only open connections (outbound) to two ip addresses, while blocking everything else?
3
votes
1
answer
756
views
Exchange resource mailbox rule
I have a resource mailbox set up in Exchange 2010 with auto attendant and it is auto accepting meetings without a problem. What I'm looking for it to do is the following:
If a meeting is approved ...
3
votes
0
answers
4k
views
Blocking ALL outgoing traffic Using firewalld to dedicated network subnets?
I have several RHEL7/CentOS7 servers on which I need to block all OUTGOING traffic to dedicated machines or dedicated network subnets e.g. CIDR 168.192.10.0/24.
For the moment I tried with firewall-...
3
votes
1
answer
3k
views
All methods of making iptables persist are not working
I set rules in iptables a few months back and used iptables-persistent to make the rules persist through reboot. I just updated my rules and am trying to make them persist but nothing is working they ...
2
votes
2
answers
7k
views
saving iptables rules without logging in to root
I am trying to save iptables rules file to /etc/sysconfig/iptables. I want to do this without logging in to root. I tried to using
sudo iptables-save > /etc/sysconfig/iptables
but it throws ...
2
votes
2
answers
37k
views
nginx: Disallow Access to a Folder, except some subfolders
How it is possible to deny access to a folder, but except some subfolders in it from "deny"?
I tried something like this (in this order):
#this subfolder shouldn't be denied and php scripts inside ...
2
votes
2
answers
980
views
iptables rejects everything it should accept
Everybody, hello!
I'm trying to setup my server firewall using iptables (I have to admit that last time I used iptables was a year ago), but iptables acts contrary to what I ask.
Here is my test ...
2
votes
1
answer
2k
views
Slow rules inserting in UFW
I need to block about 10 000 IP addresses in my firewall, I have all IP addresses in file, so I run this command from command line:
while read line; do sudo ufw insert 1 deny from $line; done < ...
2
votes
1
answer
677
views
Overwritten auditd rules in PCI DSS environement
I'm setting up a PCI DSS environment and I'm facing the next problem. When installing de OS (CentOS 7.3 Minimal) I've choosen the profile "PCI DSS".
When I was checkin the rules applied on /etc/audit/...
2
votes
1
answer
5k
views
Nginx reverse proxy trailing slash
This question is already answered multiple times but in my case there is a twist.
I am having a node app which is running on port 3000. I am using nginx to reverse proxy. Now the application only ...
2
votes
1
answer
108
views
Configuring firewall rules
I am trying to configure firewall rules for my windows PC
i would like to achieve this scenario
All packets from PC A will use this proxy server x.x.x.x at port AA
However, these are my rules
...
2
votes
1
answer
2k
views
Iptables rule to block ip range for a specific string (works sometimes)
After a two week search and read I ended up with this iptable rule that blocks youtube (as string) to an ip range in my office network.
iptables -A FORWARD -t filter -m iprange --src-range 10.217.76....
2
votes
1
answer
5k
views
How to create Exchange server rules for all users?
How to create Exchange server rules for all users? We want to give each user a rule where "email sent to this distribution group be placed in a special folder". Is this possible? We are using exchange ...
2
votes
2
answers
502
views
Is there a way to see all the current Apache rules in effect?
Is there a way to see all the current Apache rules in effect?
2
votes
1
answer
367
views
IPCop Packet Mangling
I've found myself in a pickle replacing an old firewall for a client this afternoon. I'm configuring their new IPCop firewall (1.4.21), Zerina OpenVPN addon is installed.
What I need to do: There are ...
2
votes
2
answers
473
views
Exchange Transport Rule to block combination of recipients?
Is it possible to create an ETR that blocks certain combinations of recipients? Imagine I have two customers in different domains with similar email addresses. I want to prevent sending to recipient ...
2
votes
1
answer
270
views
how to configure ipaddress filters with system-config-firewall
The system is Fedora 23. The objective is to allow a specific port or range of ports access from a limited set of ip addresses. This can be done manually withe the following rule:
-A INPUT -m state -...
2
votes
1
answer
321
views
Programatically Creating Outlook Rules
I need to distribute a rule to all my users. Conditions are subject contains, from and has attachment. I didn't want to reinvent the wheel for this, so I initially tried New-InboxRule from the ...
2
votes
1
answer
1k
views
Domain based firewall outbound rules
We have a webserver (IIS) hosting some e-commerce websites. Our firewall in front of the server has a restriction on inbound and outbound traffic. The webserver makes outbound calls to payment ...
1
vote
1
answer
203
views
iptables not writing rules
im running these two rules as root, but when doing a iptables -L it dosent show any rules, any one have an idea of what the problem can be?
iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 --...
1
vote
1
answer
7k
views
How can I forward mail in Domino 8.5.3 without keeping a copy in the original recipient's mailbox?
I'm new to Domino and need to forward email that a user receives to another user. However, I do not want to keep a local copy of the message in the inbox of the original recipient. Can anyone explain ...
1
vote
4
answers
3k
views
ESX servers in a DMZ
I have two ESX 3.5 servers in a DMZ. I can access these servers on any port from my LAN via a VPN. Servers in the DMZ are unable to initiate connections back to the LAN, for obvious reasons. I have a ...
1
vote
1
answer
703
views
Shorewall - Allow Remote Client to Ping the Internet
My network address is 192.168.5.0. My host machine is 192.168.5.1 and my client machine is 192.168.5.2. Currently, my client is unable to use the internet browser and even ping the internet. The ...
1
vote
1
answer
3k
views
Cannot set GeoIP rules in iptables
I try to add this rule:
iptables -A INPUT -m geoip ! --src-cc CZ,SK -j DROP
I set GeoIP support according to this answer: Ubuntu IPTables allow only allow 1 country | Super User
But it doesn't work,...
1
vote
2
answers
6k
views
Performance of iptables
I would like to ask you what is performance of iptables.
Let's say that I whitelist and blacklist some IP addresses, I block about 10 000+ IP addresses, so every IP is like new rule.
I don't know ...
1
vote
2
answers
2k
views
Modsecurity Ignore/Whitelist IP
I have looked around on the net and have seen many common answers for this , however, none of them are working.
I am trying to use this to ignore whenever our scans kick off in the morning.
SecRule ...
1
vote
1
answer
12k
views
Redirect all traffic on my network to a welcome page [closed]
When someone connects to my network and tries to browse, I would like to redirected to a welcome page. I know there are some commercial solutions for hotspots out there, what I am looking for is just ...
1
vote
1
answer
3k
views
Limit Connections Per IP Windows 2008 R2 x64
Hello I have been searching for a solution to this, what I want to accomplish is the ability for me to define firewall rules that will limit the amount of connections to certain ports from the same ...
1
vote
1
answer
2k
views
nginx: rewrite a non-existent php-file to another php-file with all arguments
i really need help here. Sitting for some time now and dont figured it out.
I want to realize a very simple task - rewrite a non-existent php file to another existant php file with all arguments like:...
1
vote
1
answer
2k
views
How to stop bots using nginx?
I need to detect bots that act as authenticated users and saturate database's available connections by sending repetitive requests. I am wondering whether it is possible to stop dummy them using nginx ...
1
vote
1
answer
622
views
iptables allow HTTP from anywhere, MySQL internally and lock SSH to a specific ip
Having trouble getting my head around iptables rules
I need to:
Allow HTTP traffic to 80 and 443 from anywhere
Allow MySQL traffic 3306 internally
Allow SSH access from a specific list of IP ...
1
vote
1
answer
1k
views
F5/BigIP rule to redirect affinity-bound users from INACTIVE pool node to other ACTIVE node
We have several server nodes set up for the end users of our system and because we don't use any kind of session replication in the app servers, F5 maintains affinity for users with the ACTIVE node ...
1
vote
4
answers
11k
views
Export firewall rules on Juniper SSG-550
I'd like to export all the policies set up in my Juniper SSG-550 running JunOS 5.1 but i can't find any way to do so.
Preferably in an easy to parse format (csv would be great).
Problem is the ...
1
vote
2
answers
7k
views
pfSense gateway rules by IP ranges
I have pfSense (1.2.3) with a WAN (gateway 10.10.20.1/24) and an OPT1 (gateway 10.10.21.1/24). I also have a LAN (static 10.10.12.1/24, DHCP 10.10.12.128-199/24).
I want to create rules so that ...
1
vote
1
answer
4k
views
htaccess, block access a url with parameters
If I want to block access to example.com/path/?xxxx (xxxx is variable), but allow access to example.com/path/, how should I write it in my .htaccess?
1
vote
1
answer
2k
views
Office365: Error trying to create Inbox Rule via PowerShell
In our Office365 environment I'm trying to programmatically create rules that will move incoming messages based on the distribution list they were received as.
However, while prototyping, the ...