Page 3 of 36

Re: Linux PowerPC Server Software

Posted: Wed Jan 29, 2020 3:08 pm
by xeno74
Netfilter with "conntrack" is a great solution for a desktop firewall. For example:

Code: Select all

iptables -F
iptables -t filter -A INPUT -j DROP
iptables -t filter -I INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
Basically, all network connections are blocked from the outside except our system has established the connections.

Image

Re: Linux PowerPC Server Software

Posted: Thu Jan 30, 2020 11:10 am
by xeno74
Netfilter (nf_tables) with "conntrack" on Fienix:

Image

NOTE: Fienix uses the nftables framework by default.

Re: Linux PowerPC Server Software

Posted: Fri Jan 31, 2020 7:17 pm
by xeno74
BIND DNS server with DNSSEC:

Image

Re: Linux PowerPC Server Software

Posted: Wed Feb 05, 2020 10:39 am
by xeno74
Connection state matching (CONFIG_NETFILTER_XT_MATCH_STATE)

Allows you to match packets based on their relationship to a tracked connection (ie. previous packets). For example for a desktop firewall.

Code: Select all

iptables -F
iptables -t filter -A INPUT -j DROP
iptables -t filter -I INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Basically, all network connections are blocked from the outside except our system has established the connections.

Image

Re: Linux PowerPC Server Software

Posted: Mon Feb 10, 2020 12:39 pm
by xeno74
vsftpd FTP server on ubuntu MATE 16.04.6 LTS PowerPC:

Image

Re: Linux PowerPC Server Software

Posted: Tue Feb 11, 2020 5:40 pm
by xeno74
openSUSE Tumbleweed PPC64 with the Pure-FTPd:

Image

Re: Linux PowerPC Server Software

Posted: Wed Feb 12, 2020 3:33 pm
by xeno74
openSUSE Tumbleweed PPC64 with iptables and Pure-FTPd:

Image

Passive mode: The FTP client opens the connection to the FTP server via the server port 21. The server tells the client the server port (1024 - 5000).

Re: Linux PowerPC Server Software

Posted: Wed Feb 12, 2020 4:04 pm
by xeno74
openSUSE Tumbleweed PPC64 with iptables and Pure-FTPd in the NAT mode:

Image

Re: Linux PowerPC Server Software

Posted: Sun Feb 16, 2020 3:28 pm
by xeno74
Limit matching with iptables:

Image

Re: Linux PowerPC Server Software

Posted: Tue Feb 18, 2020 8:08 am
by xeno74

Code: Select all

iptables -A INPUT -m tcp -p tcp --dport 22 -m state 
--state ESTABLISHED,RELATED -j ACCEPT 

iptables -A INPUT -m tcp -p tcp --dport 22 -m state 
--state NEW -m limit --limit 3/hour --limit-burst 3 -j ACCEPT 

iptables -A INPUT -m tcp -p tcp --dport 22 -j DROP
Image