Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
Closed 4 years ago.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
I came across a rule:
iptables -A INPUT -p tcp -s 17.3.3.5/24 -d 0/0 --dport 22 -j DROP
and I was just wondering if someone could explain what this rule is doing. More importantly, I would like to know what the -d 0/0 part means in the whole rule (I know it's the destination specification, so the 0/0 part should be an IP address, but why is it 0/0?).
I'm speculating that the rule is dropping that one source address when it arrives at destination port 22, but I'm not sure.
If someone could explain, that would be great.
Couldn't find an answer when searching the interwebs :C
Just like -s 17.3.3.5/24 means any source within the CIDR block 17.3.3.5/24, -d 0/0 means any destination within the CIDR block 0.0.0.0/0. Since there are no bits in the network number, every address is inside this network. So it means any destination at all.
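The mask arithmetic behind this answer, as an added example that is not part of the original post: a small Python model of the rule from the question, run over constructed sample packets. The function names and sample addresses are assumptions made for illustration.

```python
import ipaddress

def parse_spec(spec):
    """Turn an iptables-style IPv4 spec into (network, mask) integers."""
    addr, _, plen = spec.partition("/")
    plen = int(plen) if plen else 32
    if plen == 0:
        # A /0 mask clears every bit, so the address part ("0" here) is irrelevant.
        return 0, 0
    mask = (0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF
    # Host bits are masked off: 17.3.3.5/24 names the network 17.3.3.0/24.
    return int(ipaddress.IPv4Address(addr)) & mask, mask

def matches(spec, ip):
    """True when ip falls inside the block described by spec."""
    network, mask = parse_spec(spec)
    return (int(ipaddress.IPv4Address(ip)) & mask) == network

def ssh_rule_drops(src, dst, dport, proto="tcp"):
    """Model of: -A INPUT -p tcp -s 17.3.3.5/24 -d 0/0 --dport 22 -j DROP"""
    return (proto == "tcp" and matches("17.3.3.5/24", src)
            and matches("0/0", dst) and dport == 22)

# Constructed sample packets: (source, destination, destination port)
SAMPLES = [
    ("17.3.3.5", "10.0.0.1", 22),
    ("17.3.3.200", "192.168.1.1", 22),
    ("17.3.4.5", "10.0.0.1", 22),
    ("17.3.3.5", "10.0.0.1", 80),
]

if __name__ == "__main__":
    for src, dst, dport in SAMPLES:
        verdict = "DROP" if ssh_rule_drops(src, dst, dport) else "next rule"
        print(f"{src} -> {dst}:{dport}  {verdict}")
```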
Closed 6 years ago.
I found this iptables rule in some project I am working on:
-A INPUT -p tcp -m tcp ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP
What does this rule mean? How does it make the network more secure?
It could be translated as "Drop every incoming segment that initializes a new TCP connection and where the SYN control bit is not set among FIN,SYN,RST,ACK." (see here).
A TCP segment used to initialize a connection should have the SYN control bit set, so that rule is there to ensure that. Also, I think this rule avoids the use of different port scan techniques involving segments without the SYN control bit set, like ACK scan. It silently drops the segment instead of sending an RST segment that could give information to a potential attacker.
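How the mask/compare pair in --tcp-flags and the leading "!" combine, as an added example that is not part of the original post: a Python model of the rule evaluated over constructed packets. The connection state is passed in by the caller as an assumption, since the sketch does not model connection tracking; function names are illustrative.

```python
# TCP header flag bits
FLAGS = {"FIN": 0x01, "SYN": 0x02, "RST": 0x04, "PSH": 0x08, "ACK": 0x10, "URG": 0x20}

def bits(names):
    """Convert a comma-separated flag list ("" means no flags) to a bitmask."""
    value = 0
    for name in filter(None, names.split(",")):
        value |= FLAGS[name]
    return value

def tcp_flags_match(pkt_flags, mask, comp, invert=False):
    """--tcp-flags mask comp: look only at the flags in mask and require
    that exactly the flags in comp are set among them. invert models '!'."""
    hit = (bits(pkt_flags) & bits(mask)) == bits(comp)
    return hit != invert

def new_not_syn_drops(pkt_flags, state):
    """Model of: ! --tcp-flags FIN,SYN,RST,ACK SYN -m state --state NEW -j DROP"""
    return (tcp_flags_match(pkt_flags, "FIN,SYN,RST,ACK", "SYN", invert=True)
            and state == "NEW")

# Constructed sample packets: (flags set in the segment, conntrack state)
SAMPLES = [
    ("SYN", "NEW"),          # normal connection opener
    ("SYN,PSH", "NEW"),      # PSH is outside the mask, so it is ignored
    ("ACK", "NEW"),          # shape of an ACK-scan probe
    ("SYN,ACK", "NEW"),      # SYN set, but ACK is set too
    ("FIN", "NEW"),
    ("", "NEW"),             # no flags at all
    ("ACK", "ESTABLISHED"),  # ordinary traffic on an existing connection
]

if __name__ == "__main__":
    for flags, state in SAMPLES:
        verdict = "DROP" if new_not_syn_drops(flags, state) else "next rule"
        print(f"{flags or 'NONE':8} {state:12} {verdict}")
```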
Closed 8 years ago.
I understand domain names here will resolve to the IP shown on the left. But can someone elaborate on this subject and explain what each column does? From what I found, ::1 is IPv6 shorthand?
[root#stack]# cat /etc/hosts
127.0.0.1 localhost.localdomain localhost
::1 stack.corp.com stack localhost6.localdomain6 localhost6
Thanks!
The first field is the IP address, the second the canonical host name, and any remaining fields are just aliases that will also resolve to the IP address in the first field.
::1 is, indeed, an IPv6 address, which is short for 0000:0000:0000:0000:0000:0000:0000:0001 (the :: stands in for as many zeros as possible while making the result a valid IPv6 address).
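The column layout described in this answer, as an added example that is not part of the original post: a Python parser for the two lines quoted in the question, which also expands ::1 to its full form. The function names are assumptions; skipping "#" comments follows the usual hosts file convention.

```python
import ipaddress

# The two entries quoted in the question
HOSTS = """\
127.0.0.1 localhost.localdomain localhost
::1 stack.corp.com stack localhost6.localdomain6 localhost6
"""

def parse_hosts(text):
    """Return a list of (address, canonical_name, aliases) tuples."""
    entries = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()   # drop comments, split columns
        if len(fields) < 2:
            continue                             # blank line or address without a name
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            continue                             # first column is not an IP address
        entries.append((addr, fields[1], fields[2:]))
    return entries

def lookup(entries, name):
    """Addresses whose canonical name or any alias equals name (case-insensitive)."""
    name = name.lower()
    return [addr for addr, canonical, aliases in entries
            if name in [canonical.lower()] + [a.lower() for a in aliases]]

if __name__ == "__main__":
    for addr, canonical, aliases in parse_hosts(HOSTS):
        print(f"{addr.exploded}  canonical={canonical}  aliases={aliases}")
    print("stack ->", lookup(parse_hosts(HOSTS), "stack"))
```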
Closed 8 years ago.
I have accidentally changed my system to host name. Now I want to change it to my previous host name. But I don't know the previous host name.
Have a look at these files:
/etc/hostname
/etc/hosts
/etc/ssh/ssh_host_*_key.pub
$HOME/.ssh/id_*.pub
In these typically the host name appears and it might be still unchanged by your renaming action (however you did that).
Also these might contain the old name:
/var/log/Xorg.failsafe.log
/var/log/auth.log.1
/var/log/pm-suspend.log.1
/var/log/Xorg.1.log.old
/var/log/lightdm/x-0.log
/var/log/lightdm/x-1.log
/var/log/lightdm/x-2.log
/var/log/pm-suspend.log
/var/log/Xorg.0.log.old
/var/log/Xorg.1.log
/var/log/syslog
/var/log/Xorg.2.log
/var/log/auth.log
/var/log/kern.log.1
/var/log/kern.log
/var/log/Xorg.failsafe.log.old
/var/log/syslog.1
/var/log/Xorg.0.log
In most cases HOSTNAME is defined in the /etc/sysconfig/network file, to be set at boot. In some cases you can find it in /etc/hostname.
Closed 8 years ago.
I have a fundamental question with respect to iptables processing logic.
I see iptables has the chains PREROUTING, INPUT, OUTPUT, FORWARD and POSTROUTING. And these chains are present in multiple tables.
Based on what I have understood so far, the packet arrives in PREROUTING, then, based on routing rules, if the packet is meant for the local machine it enters the INPUT chain. Otherwise it goes to the FORWARD chain and then later on to POSTROUTING.
But my fundamental question is: if there are multiple INPUT rules in multiple tables, in what order are the tables processed? I read that the first table would be raw. But what about the rest?
Thanks!
For understanding the traversing of each table, please go through this guide; it would help you understand the flow: http://www.faqs.org/docs/iptables/traversingoftables.html
INPUT chains are used only in the Filter table and the Mangle table (used for alteration of packets).
Thanks & Regards,
Alok
Closed 9 years ago.
I read in "TCP/IP Network Administration" by O'Reilly, 2002, that typing the route -n command should bring up a routing table.
When I typed it into the terminal on a Mac, it returned the following:
usage: route [-dnqtv] command [[modifiers] args]
What is the correct command to use to see the routing table in my terminal?
On Mac OS X you can use netstat(1). In your case, netstat -nr, probably.