Re: HOWTO: Set a custom firewall (iptables) and Tips
Can anybody tell me how to create a blacklist script that would drop all incoming requests from the IPs in the list deny_hosts.conf? How do I read the file line by line, ignoring comments, compare IPs to the ones from the list and DROP them?
Re: HOWTO: Set a custom firewall (iptables) and Tips
Give me your deny_hosts.conf and I will write you a perl script to generate the corresponding iptables lines. This script will fill a file called iptables_black_list.bash for example; then all you would have to do is to add a line in your firewall script to execute this iptables_black_list.bash file.
Re: HOWTO: Set a custom firewall (iptables) and Tips
Great! I was struggling with bash, but it takes some time since I am nearly new to this.
I'm actually using ubuntu-firewall now, since I had some unwelcome visitors that managed to get some server rights.
Ubuntu firewall has an option, custom script file, that should point to it.
The attached list deny_hosts.txt contains a relatively small number of bad IPs, but we could create some web service that would contain a bad list.
Attachment 38536
Thanks very much.
Re: HOWTO: Set a custom firewall (iptables) and Tips
If you understand the guide you can write your own script rather than using ubuntu-firewall, which helps you to create it.
Anyway, here is the script (at the bottom of the post, remove the .txt extension): download it, then give it execute rights, and finally put it under /usr/bin/. Then to use it type this:
Code:
deny-ip-generator.pl <deny-ip text files> <output file>
where the first parameter is your input text file (or the path to it) and the second is the output file (or the path to it), which is your custom iptables script.
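The same generator as an added example in plain shell (it is not the deny-ip-generator.pl attached to the post, and reproduces none of it). It assumes one IPv4 address or CIDR prefix per line, ignores blank lines and `#` comments, tolerates a hosts.deny-style `sshd:` prefix, and emits its DROP rules into a chain it calls BLACKLIST; the chain name and the input format are assumptions, not something the thread specifies. Entries that are not a valid IPv4 address or prefix are reported and skipped, so a typo in the list never produces a rule that breaks the firewall script.

```shell
#!/bin/sh
# Added example, not the deny-ip-generator.pl from the post.
# Reads a deny list (one IPv4 address or CIDR per line; '#' comments and
# blank lines are ignored; an optional hosts.deny-style "sshd:" prefix is
# stripped, which is an assumption about the input format) and writes a
# bash file of iptables rules that DROP traffic from every listed source.
set -f   # no pathname expansion: a stray '*' in the list must not glob

# valid_ipv4 ADDR[/PREFIX]: succeed only for a dotted quad with every
# octet in 0..255 and, if a prefix length is given, one in 0..32.
# Anything that fails here is skipped, so a typo never becomes a bad rule.
valid_ipv4() {
    addr=${1%%/*}
    case $1 in
        */*) prefix=${1#*/} ;;
        *)   prefix=32 ;;
    esac
    case $prefix in ''|*[!0-9]*) return 1 ;; esac
    [ "$prefix" -le 32 ] || return 1
    case $addr in .*|*.|*..*) return 1 ;; esac
    oldifs=$IFS; IFS=.
    set -- $addr
    IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|*[!0-9]*) return 1 ;; esac
        [ "$o" -le 255 ] || return 1
    done
    return 0
}

# generate_blacklist DENY_FILE OUT_FILE: write the rule script to OUT_FILE
# and print the number of DROP rules it contains. The chain name BLACKLIST
# is an assumption; the generated file re-creates the chain on every run so
# it can be executed again from the firewall script after the list changes.
generate_blacklist() {
    deny=$1; out=$2; count=0
    {
        echo '#!/bin/bash'
        echo "# generated from $deny -- do not edit by hand"
        echo 'iptables -N BLACKLIST 2>/dev/null'
        echo 'iptables -F BLACKLIST'
    } > "$out"
    while IFS= read -r line || [ -n "$line" ]; do
        entry=${line%%#*}        # drop comments
        entry=${entry##*:}       # drop a "sshd:"-style prefix
        set -- $entry            # default IFS: first word, whitespace trimmed
        entry=${1-}
        [ -z "$entry" ] && continue
        if valid_ipv4 "$entry"; then
            printf 'iptables -A BLACKLIST -s %s -j DROP\n' "$entry" >> "$out"
            count=$((count + 1))
        else
            printf 'skipping invalid entry: %s\n' "$entry" >&2
        fi
    done < "$deny"
    # hook the chain at the top of INPUT; delete first so re-runs add one jump only
    {
        echo 'iptables -D INPUT -j BLACKLIST 2>/dev/null'
        echo 'iptables -I INPUT 1 -j BLACKLIST'
    } >> "$out"
    echo "$count"
}

# Usage: sh deny-ip-generator.sh <deny file> <output file>
if [ $# -eq 2 ]; then
    n=$(generate_blacklist "$1" "$2")
    echo "wrote $n rule(s) to $2"
fi
```

Run it as `sh deny-ip-generator.sh deny_hosts.conf iptables_black_list.bash` and have the firewall script execute the output file after it has set up its own chains; because the generated file flushes BLACKLIST and re-inserts a single jump from INPUT each time, it is safe to run again whenever the list is updated.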
Re: HOWTO: Set a custom firewall (iptables) and Tips
Thanks very much. I did write my own wall, as I started with 5.04, but adding some advanced functionality gave me a struggle. So it was easier to install ubuntu firewall. Basically I'm short of time since my basic job is coding some other stuff. I was quite shocked that I had guests in my server, but the good thing is that only few of them got in. 2 too many. thx
Re: HOWTO: Set a custom firewall (iptables) and Tips
Thanks a bunch for this great guide!
I connect to an ADSL connection via PPPoE (using pppoeconf), and none of the iptables front ends seem to let me connect. Your instructions worked perfectly, though, and now the test sites report me as completely stealthed.
A few questions about setting up rules for Gizmo:
1. On this page, they describe the ports and services needed. If I see something like this, do I need to edit the script?
2. If so, when they say some ports are for "incoming" and some for "outgoing", does that mean I need to choose between dport and sport in my rules? (Which is which?)
3. How does one specify a rule allowing for "All outgoing UDP ports above 1023"?
TIA
Re: HOWTO: Set a custom firewall (iptables) and Tips
1- First try and see if the app works; if it works there is no need to modify anything. If it doesn't work you will need to edit the script.
2- The script I provide in the first post only blocks incoming traffic, so you only have to consider incoming ports.
So the rules you would have to add if it doesn't work by default would be something like:
Code:
iptables -A TRUSTED -i eth0 -p udp -m udp --dport 5004 -j ACCEPT
iptables -A TRUSTED -i eth0 -p udp -m udp --dport 5005 -j ACCEPT
iptables -A TRUSTED -i eth0 -p udp -m udp --dport 64064 -j ACCEPT
As for using dport or sport, it depends on the context but not on the nature of the packet (incoming or outgoing); if you don't know which one to choose, try one and if it doesn't work try the other, not really painful :)
And my secret tip: because iptables is widely used, if you perform a google search with "iptables" and "gizmo" as keywords I'm quite sure you will find the rules you need.
Here is what I found ;) :
http://www.voipplanet.com/background...le.php/3638086
3- In the case you are filtering outgoing traffic (which you don't) it would be:
Code:
iptables -A OUTPUT -p udp --dport 1024:65535 -j ACCEPT
Re: HOWTO: Set a custom firewall (iptables) and Tips
Right - forgot to mention Gizmo wasn't (and still isn't) working, but it's good to know what the problem is not. Thanks for the info and tips. :)
Re: HOWTO: Set a custom firewall (iptables) and Tips
Hi, I'm trying to follow your firewall guide, but when I try to start the firewall it either says the file does not exist or it says
: command not found
: command not found
'irewall: line 6:syntax error near unexpected token '{
'irewall: line 6: 'start() {
What am I doing wrong here ?
Re: HOWTO: Set a custom firewall (iptables) and Tips
Wow, great howto. I put it on StumbleUpon, so you should start getting more hits now. :)