Skip to main content

Questions tagged [rules]

The tag has no usage guidance.

Filter by
Sorted by
Tagged with
17 votes
3 answers
61k views

Open Windows Firewall to all connections from specific IP Address

Is it possible to "whitelist" an IP Address in the Windows Firewall and allow all connections from that specific address?
Aidan Knight's user avatar
15 votes
2 answers
50k views

Nginx multiple roots

I'd like to divert off requests to a particular sub-directory, to another root location. How? My existing block is: server { listen 80; server_name www.domain.com; location / { ...
Michael restore Monica Cellio's user avatar
6 votes
2 answers
6k views

Restoring iptables at boot (rc.local)

I have saved my iptables rules using the iptables-save > command and i am trying to restore these rules when the machine boots up. I have added the command iptables-restore < "path to rules file"...
Troller's user avatar
  • 171
6 votes
3 answers
6k views

Firewall questions about state and policy?

I finally managed to install my VM host and now I am messing with iptables to create, test and learn. Does it matter if i put the below rules at the begin or at the end of my rules ? $IPT -P INPUT ...
Guapo's user avatar
  • 453
5 votes
2 answers
12k views

Blocking a network device from communicating with another device on the LAN

I have been working with the firewall/router distribution Pfsense for a while now and I have been trying to figure out how to "isolate" a server on my LAN from other computers on my LAN by using deny/...
user99545's user avatar
  • 273
4 votes
1 answer
4k views

How do iptables work with NFQ in terms of traffic shaping in snort?

I'm trying to understand how iptables and NFQ work together with snort. The reason that I ask this is because from what I understand snort can be set to IPS via NFQ but if you have iptables there ...
Danny 's user avatar
  • 41
3 votes
2 answers
21k views

How long does it take for an Exchange Transport Rule to STOP applying after it is deleted?

Yesterday my company was hit with a new trojan that uses the old social method of "it came from someone I trust" to suspend user's suspicion (and rationality) and it was opened and run. During the ...
Alderin's user avatar
  • 63
3 votes
1 answer
80 views

Need advices on iptables

Helly guys ! :-) . I need a (several?) advice(s) from you about my iptables setup. I'm pretty new to iptables, and this is the first time I configure a server with iptables ONLY as a firewall (we don'...
iptablewnew's user avatar
3 votes
2 answers
3k views

Default Centos 5.4 iptables rules?

For what are these rules in the default iptables shipped with centos 5.4 ? -A RH-Firewall-1-INPUT -p 50 -j ACCEPT -A RH-Firewall-1-INPUT -p 51 -j ACCEPT -A RH-Firewall-1-INPUT -p udp --dport 5353 -d ...
benjisail's user avatar
  • 1,329
3 votes
2 answers
250 views

Internet facing Hub Transport Exchange server with Internet restricted users and a Canon Copier

This is a rather convoluted problem but I hope that someone out there has experienced a similar situation. Here are the facts of what is happening: We have a single Exchange 2010 server that is ...
palemouse's user avatar
3 votes
1 answer
498 views

Force users to use BCC

I want to force users sending mail to my server to use BCC (we're getting a lot of internal spam created by mailings to 30+ mailing lists which then reply to all). I thought spamassassin could be a ...
dtech's user avatar
  • 643
3 votes
1 answer
3k views

allow only one ip and block others by using cmd in windows firewall

I want to allow one IP address that can connect to internet (whitelist) and block others' connections through internet using Windows Firewall on Server 2008 using command prompt. Is it possible to ...
Haikal Adnan's user avatar
3 votes
1 answer
4k views

ConnectionFailedTransientException on New-InboxRule

I am trying to create Mailbox Rules on my users to automatically Junk mail marked as SPAM by our MTA. Using my main account as a test account, I am running the following: new-inboxrule -name “Auto-...
Optimaximal's user avatar
3 votes
2 answers
2k views

iptables 1.4 and passive FTP on custom port

after the upgrade from debian squeeze to wheezy I've got a problem with passive FTP connection. I could narrow it to be iptables related, as I could connect via FTP w/o problems after adding my IP to ...
Cracky's user avatar
  • 41
3 votes
1 answer
465 views

Windows firewall - let an application only access 2 ips (outbound)

How do I create a Windows firewall rule that lets application X only open connections (outbound) to two ip addresses, while blocking everything else?
Henry Smith's user avatar
3 votes
1 answer
756 views

Exchange resource mailbox rule

I have a resource mailbox set up in Exchange 2010 with auto attendant and it is auto accepting meetings without a problem. What I'm looking for it to do is the following: If a meeting is approved ...
Brandon's user avatar
  • 31
3 votes
0 answers
4k views

Blocking ALL outgoing traffic Using firewalld to dedicated network subnets?

I have several RHEL7/CentOS7 servers on which I need to block all OUTGOING traffic to dedicated machines or dedicated network subnets e.g. CIDR 168.192.10.0/24. For the moment I tried with firewall-...
m0ll3art's user avatar
3 votes
1 answer
3k views

All methods of making iptables persist are not working

I set rules in iptables a few months back and used iptables-persistent to make the rules persist through reboot. I just updated my rules and am trying to make them persist but nothing is working they ...
Aaron Martin's user avatar
2 votes
2 answers
7k views

saving iptables rules without logging in to root

I am trying to save iptables rules file to /etc/sysconfig/iptables. I want to do this without logging in to root. I tried to using sudo iptables-save > /etc/sysconfig/iptables but it throws ...
john's user avatar
  • 55
2 votes
2 answers
37k views

nginx: Disallow Access to a Folder, except some subfolders

How it is possible to deny access to a folder, but except some subfolders in it from "deny"? I tried something like this (in this order): #this subfolder shouldn't be denied and php scripts inside ...
carrot's user avatar
  • 97
2 votes
2 answers
980 views

iptables rejects everything it should accept

Everybody, hello! I'm trying to setup my server firewall using iptables (I have to admit that last time I used iptables was a year ago), but iptables acts contrary to what I ask. Here is my test ...
Penegal's user avatar
  • 156
2 votes
1 answer
2k views

Slow rules inserting in UFW

I need to block about 10 000 IP addresses in my firewall, I have all IP addresses in file, so I run this command from command line: while read line; do sudo ufw insert 1 deny from $line; done < ...
tomsk's user avatar
  • 297
2 votes
1 answer
677 views

Overwritten auditd rules in PCI DSS environement

I'm setting up a PCI DSS environment and I'm facing the next problem. When installing de OS (CentOS 7.3 Minimal) I've choosen the profile "PCI DSS". When I was checkin the rules applied on /etc/audit/...
Abel's user avatar
  • 322
2 votes
1 answer
5k views

Nginx reverse proxy trailing slash

This question is already answered multiple times but in my case there is a twist. I am having a node app which is running on port 3000. I am using nginx to reverse proxy. Now the application only ...
Minato Namikaze's user avatar
2 votes
1 answer
108 views

Configuring firewall rules

I am trying to configure firewall rules for my windows PC i would like to achieve this scenario All packets from PC A will use this proxy server x.x.x.x at port AA However, these are my rules ...
aceminer's user avatar
  • 145
2 votes
1 answer
2k views

Iptables rule to block ip range for a specific string (works sometimes)

After a two week search and read I ended up with this iptable rule that blocks youtube (as string) to an ip range in my office network. iptables -A FORWARD -t filter -m iprange --src-range 10.217.76....
ASK's user avatar
  • 41
2 votes
1 answer
5k views

How to create Exchange server rules for all users?

How to create Exchange server rules for all users? We want to give each user a rule where "email sent to this distribution group be placed in a special folder". Is this possible? We are using exchange ...
erotsppa's user avatar
  • 2,153
2 votes
2 answers
502 views

Is there a way to see all the current Apache rules in effect?

Is there a way to see all the current Apache rules in effect?
user avatar
2 votes
1 answer
367 views

IPCop Packet Mangling

I've found myself in a pickle replacing an old firewall for a client this afternoon. I'm configuring their new IPCop firewall (1.4.21), Zerina OpenVPN addon is installed. What I need to do: There are ...
Zenham's user avatar
  • 622
2 votes
2 answers
473 views

Exchange Transport Rule to block combination of recipients?

Is it possible to create an ETR that blocks certain combinations of recipients? Imagine I have two customers in different domains with similar email addresses. I want to prevent sending to recipient ...
bendodge's user avatar
  • 166
2 votes
1 answer
270 views

how to configure ipaddress filters with system-config-firewall

The system is Fedora 23. The objective is to allow a specific port or range of ports access from a limited set of ip addresses. This can be done manually withe the following rule: -A INPUT -m state -...
dan sawyer's user avatar
2 votes
1 answer
321 views

Programatically Creating Outlook Rules

I need to distribute a rule to all my users. Conditions are subject contains, from and has attachment. I didn't want to reinvent the wheel for this, so I initially tried New-InboxRule from the ...
Steven's user avatar
  • 141
2 votes
1 answer
1k views

Domain based firewall outbound rules

We have a webserver (IIS) hosting some e-commerce websites. Our firewall in front of the server has a restriction on inbound and outbound traffic. The webserver makes outbound calls to payment ...
user154707's user avatar
1 vote
1 answer
203 views

iptables not writing rules

im running these two rules as root, but when doing a iptables -L it dosent show any rules, any one have an idea of what the problem can be? iptables -A PREROUTING -t nat -i eth0 -p tcp --dport 80 --...
Darkmage's user avatar
  • 313
1 vote
1 answer
7k views

How can I forward mail in Domino 8.5.3 without keeping a copy in the original recipient's mailbox?

I'm new to Domino and need to forward email that a user receives to another user. However, I do not want to keep a local copy of the message in the inbox of the original recipient. Can anyone explain ...
Cividan's user avatar
  • 79
1 vote
4 answers
3k views

ESX servers in a DMZ

I have two ESX 3.5 servers in a DMZ. I can access these servers on any port from my LAN via a VPN. Servers in the DMZ are unable to initiate connections back to the LAN, for obvious reasons. I have a ...
James's user avatar
  • 128
1 vote
1 answer
703 views

Shorewall - Allow Remote Client to Ping the Internet

My network address is 192.168.5.0. My host machine is 192.168.5.1 and my client machine is 192.168.5.2. Currently, my client is unable to use the internet browser and even ping the internet. The ...
alyssaeliyah's user avatar
1 vote
1 answer
3k views

Cannot set GeoIP rules in iptables

I try to add this rule: iptables -A INPUT -m geoip ! --src-cc CZ,SK -j DROP I set GeoIP support according to this answer: Ubuntu IPTables allow only allow 1 country | Super User But it doesn't work,...
tomsk's user avatar
  • 297
1 vote
2 answers
6k views

Performance of iptables

I would like to ask you what is performance of iptables. Let's say that I whitelist and blacklist some IP addresses, I block about 10 000+ IP addresses, so every IP is like new rule. I don't know ...
tomsk's user avatar
  • 297
1 vote
2 answers
2k views

Modsecurity Ignore/Whitelist IP

I have looked around on the net and have seen many common answers for this , however, none of them are working. I am trying to use this to ignore whenever our scans kick off in the morning. SecRule ...
LUser's user avatar
  • 227
1 vote
1 answer
12k views

Redirect all traffic on my network to a welcome page [closed]

When someone connects to my network and tries to browse, I would like to redirected to a welcome page. I know there are some commercial solutions for hotspots out there, what I am looking for is just ...
Arturo's user avatar
  • 423
1 vote
1 answer
3k views

Limit Connections Per IP Windows 2008 R2 x64

Hello I have been searching for a solution to this, what I want to accomplish is the ability for me to define firewall rules that will limit the amount of connections to certain ports from the same ...
Upperfoot's user avatar
1 vote
1 answer
2k views

nginx: rewrite a non-existent php-file to another php-file with all arguments

i really need help here. Sitting for some time now and dont figured it out. I want to realize a very simple task - rewrite a non-existent php file to another existant php file with all arguments like:...
carrot's user avatar
  • 97
1 vote
1 answer
2k views

How to stop bots using nginx?

I need to detect bots that act as authenticated users and saturate database's available connections by sending repetitive requests. I am wondering whether it is possible to stop dummy them using nginx ...
alfish's user avatar
  • 3,177
1 vote
1 answer
622 views

iptables allow HTTP from anywhere, MySQL internally and lock SSH to a specific ip

Having trouble getting my head around iptables rules I need to: Allow HTTP traffic to 80 and 443 from anywhere Allow MySQL traffic 3306 internally Allow SSH access from a specific list of IP ...
Tom's user avatar
  • 786
1 vote
1 answer
1k views

F5/BigIP rule to redirect affinity-bound users from INACTIVE pool node to other ACTIVE node

We have several server nodes set up for the end users of our system and because we don't use any kind of session replication in the app servers, F5 maintains affinity for users with the ACTIVE node ...
j pimmel's user avatar
  • 123
1 vote
4 answers
11k views

Export firewall rules on Juniper SSG-550

I'd like to export all the policies set up in my Juniper SSG-550 running JunOS 5.1 but i can't find any way to do so. Preferably in an easy to parse format (csv would be great). Problem is the ...
user avatar
1 vote
2 answers
7k views

pfSense gateway rules by IP ranges

I have pfSense (1.2.3) with a WAN (gateway 10.10.20.1/24) and an OPT1 (gateway 10.10.21.1/24). I also have a LAN (static 10.10.12.1/24, DHCP 10.10.12.128-199/24). I want to create rules so that ...
lpfavreau's user avatar
  • 439
1 vote
1 answer
4k views

htaccess, block access a url with parameters

If I want to block access to example.com/path/?xxxx (xxxx is variable), but allow access to example.com/path/, how should I write it in my .htaccess?
Sanata's user avatar
  • 11
1 vote
1 answer
2k views

Office365: Error trying to create Inbox Rule via PowerShell

In our Office365 environment I'm trying to programmatically create rules that will move incoming messages based on the distribution list they were received as. However, while prototyping, the ...
Oliver Giesen's user avatar