At some point I counted my DROP rules in my firewall and the result was kinda frightening. A lot of subnets and even more IPs… What was really annoying was that there were a lot of IP addresses which belonged to an already blocked subnet, so I needed a script to check this for me. … Continue reading Check if an IP is in a subnet →
This document describes a stealth method to externally open ports that, by default, are kept closed by the firewall.

Server side

1. Install knockd

    apt-get install knockd

2. Configure knockd

    vim /etc/knockd.conf

    [options]
    UseSyslog

    [OpenClosePort]
    sequence = 2123:udp,3543:tcp,6454:udp
    seq_timeout = 5
    Start_Command = /sbin/iptables -I INPUT -s %IP% -p tcp …

Continue reading Set port knocking with knockd and iptables →
This document describes the steps required to set up a fully functional PPTP server on Debian squeeze and how to configure the Arno iptables firewall to accept incoming connections to the PPTP server (in case you use this great firewall script). If you don’t use the Arno iptables firewall but you still want to share an internet connection with PPTP … Continue reading How to install a PPTP server on debian squeeze →
I can't memorize much, so I take notes!