Page 3 of 36
Re: Linux PowerPC Server Software
Posted: Wed Jan 29, 2020 3:08 pm
by xeno74
Netfilter with "conntrack" is a great solution for a desktop firewall. For example:
Code: Select all
iptables -F
iptables -t filter -A INPUT -j DROP
iptables -t filter -I INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
Basically, all network connections are blocked from the outside except our system has established the connections.
Re: Linux PowerPC Server Software
Posted: Thu Jan 30, 2020 11:10 am
by xeno74
Netfilter (nf_tables) with "conntrack" on Fienix:
NOTE: Fienix uses the nftables framework by default.
Re: Linux PowerPC Server Software
Posted: Fri Jan 31, 2020 7:17 pm
by xeno74
BIND DNS server with DNSSEC:
Re: Linux PowerPC Server Software
Posted: Wed Feb 05, 2020 10:39 am
by xeno74
Connection state matching (CONFIG_NETFILTER_XT_MATCH_STATE)
Allows you to match packets based on their relationship to a tracked connection (ie. previous packets). For example for a desktop firewall.
Code: Select all
iptables -F
iptables -t filter -A INPUT -j DROP
iptables -t filter -I INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Basically, all network connections are blocked from the outside except our system has established the connections.
Re: Linux PowerPC Server Software
Posted: Mon Feb 10, 2020 12:39 pm
by xeno74
vsftpd FTP server on ubuntu MATE 16.04.6 LTS PowerPC:
Re: Linux PowerPC Server Software
Posted: Tue Feb 11, 2020 5:40 pm
by xeno74
openSUSE Tumbleweed PPC64 with the
Pure-FTPd:
Re: Linux PowerPC Server Software
Posted: Wed Feb 12, 2020 3:33 pm
by xeno74
openSUSE Tumbleweed PPC64 with iptables and Pure-FTPd:
Passive mode: The FTP client opens the connection to the FTP server via the server port 21. The server tells the client the server port (1024 - 5000).
Re: Linux PowerPC Server Software
Posted: Wed Feb 12, 2020 4:04 pm
by xeno74
openSUSE Tumbleweed PPC64 with iptables and Pure-FTPd in the NAT mode:
Re: Linux PowerPC Server Software
Posted: Sun Feb 16, 2020 3:28 pm
by xeno74
Limit matching with iptables:
Re: Linux PowerPC Server Software
Posted: Tue Feb 18, 2020 8:08 am
by xeno74
Code: Select all
iptables -A INPUT -m tcp -p tcp --dport 22 -m state
--state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -m tcp -p tcp --dport 22 -m state
--state NEW -m limit --limit 3/hour --limit-burst 3 -j ACCEPT
iptables -A INPUT -m tcp -p tcp --dport 22 -j DROP