linux – Deny port redirection based on source IP – firewalld

I’m trying to forward a port to an external IP using firewall-cmd, but I need to deny access from certain IPs.


To set up a port-forward of port 55500, I use:

firewall-cmd --permanent --zone=public --add-forward-port=port=55500:proto=tcp:toport=55500:toaddr=2.2.2.2

Which works fine, and users connecting to port 55500 are successfully redirected to 2.2.2.2, but, as mentioned previously, I need to deny access to users coming from 1.1.1.1/24. For that I tried:

firewall-cmd --permanent --add-rich-rule="rule family='ipv4' source address='1.1.1.1/24' reject"

or:

firewall-cmd --permanent --zone=public --add-rich-rule='rule family=ipv4 source address=1.1.1.1/24 port port=55500 protocol=tcp reject'

or:

firewall-cmd --zone=drop --add-source=1.1.1.1/24

But none of the commands above (all followed by firewall-cmd --reload) worked, and users connecting to port 55500 from 1.1.1.1 still get redirected to 2.2.2.2.


How can I deny the port redirection based on the source IP?

linux – How could I connect a public port to a different internal port?

I’m setting up a 2nd Plex server and I’ve decided to use port 32401 instead of port 32400 since I already have a Plex server running on that port.

My issue is that Plex wants (publicip):32401 to point to (localip):32400 but my router can only point public ports to the same local ports (so no (publicip):32401 -> (localip):32400).

Is there a way for Linux to listen to port 32401 and “reroute” it internally to port 32400? I’ve seen similar iptables commands but none fit my exact use case.

wordpress – Changing port of mariadb in docker-compose

I run a number of WordPress sites using docker-compose (and nginx-proxy). So that I can use the same docker-compose file for each site, I use .env. I want each of the MariaDB containers to use different ports (as they are sharing the same external docker network).

What I have is the compose file below, but when I bring it up I get:

MySQL Connection Error: (2002) Connection refused

Previously I was using the same compose file without the ports: section and with the port hardcoded in the WordPress section and it worked.

Where did I go wrong?

docker-compose.yml

version: '3'

services:
  db:
    image: mariadb
    container_name: ${DB_CONTAINER}
    hostname: ${DB_CONTAINER}
    ports:
      - ${DB_PORT}:3306
    volumes:
      - ./db:/var/lib/mysql
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD}
      MYSQL_DATABASE: wordpress
      MYSQL_USER: wordpress
      MYSQL_PASSWORD: ${DB_WP_PASSWORD}

  wordpress:
    depends_on:
      - db
    image: wordpress:latest
    restart: always
    container_name: ${WP_CONTAINER}
    hostname: ${WP_CONTAINER}
    volumes:
      - ./html:/var/www/html
    expose:
      - 80
    environment:
      VIRTUAL_HOST: ${DOMAINS}
      LETSENCRYPT_HOST: ${DOMAINS}
      LETSENCRYPT_EMAIL: ${EMAIL}
      WORDPRESS_DB_HOST: db:${DB_PORT}
      WORDPRESS_DB_USER: wordpress
      WORDPRESS_DB_PASSWORD: ${DB_WP_PASSWORD}

networks:
  default:
    external:
      name: nginx-proxy

.env

DB_CONTAINER=test_click_db
WP_CONTAINER=test_click_wp
DB_PORT=13306
EMAIL=bene@domain.com
DOMAINS=test.click.tvpp.tv
DB_ROOT_PASSWORD=aabbcc
DB_WP_PASSWORD=xxyyzz
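
An added example, not part of the original post: the ports: mapping only publishes MariaDB on the Docker host as ${DB_PORT}, while containers on the same Docker network reach each other on the container port, so db:${DB_PORT} (db:13306) is refused. The variant below assumes the same .env file. It drops the host-published port, so the database is not reachable from outside the Docker network, and it addresses the database by its unique container name, because every site on the shared nginx-proxy network has a service called db.

```yaml
# Added example (not from the original post); uses the same .env variables.
version: '3'

services:
  db:
    image: mariadb
    container_name: ${DB_CONTAINER}
    hostname: ${DB_CONTAINER}
    # No "ports:" section: MariaDB listens on 3306 inside the Docker
    # network and is not published on the Docker host at all.
    volumes:
      - ./db:/var/lib/mysql
    restart: always
    environment:
      MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD}
      MYSQL_DATABASE: wordpress
      MYSQL_USER: wordpress
      MYSQL_PASSWORD: ${DB_WP_PASSWORD}

  wordpress:
    depends_on:
      - db
    image: wordpress:latest
    restart: always
    container_name: ${WP_CONTAINER}
    hostname: ${WP_CONTAINER}
    volumes:
      - ./html:/var/www/html
    expose:
      - 80
    environment:
      VIRTUAL_HOST: ${DOMAINS}
      LETSENCRYPT_HOST: ${DOMAINS}
      LETSENCRYPT_EMAIL: ${EMAIL}
      # Container-to-container traffic uses the container port (3306),
      # never the host-side port from a "ports:" mapping. The container
      # name is unique per site; the service name "db" is not.
      WORDPRESS_DB_HOST: ${DB_CONTAINER}:3306
      WORDPRESS_DB_USER: wordpress
      WORDPRESS_DB_PASSWORD: ${DB_WP_PASSWORD}

networks:
  default:
    external:
      name: nginx-proxy
```

If the database must be reachable from the Docker host for administration, a mapping of the form 127.0.0.1:${DB_PORT}:3306 keeps it bound to loopback instead of every host interface.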

networking – Port Forwarding Ubuntu to Debian server

I have xxx Ubuntu 18.4 Desktop which is connected to the Internet and have a Debian Server which is not connected to the Internet directly but hosting a cacti server on the same network with different private IP block and reachable vice-versa.

I want xxx server to have access to the cacti server like browsing public IP of xxx PC from windows client with 8000 ports, requests would be forwarded to yyy server and responding back as well.

Note that I have full administrative access to xxx server but yyy server is reachable but don’t have administrative access.

Inside the office network, I can reach yyy server from xxx server without any issue.
But from outside I can reach xxx server – can do ssh but with the terminal, I can’t see the cacti graph.

Tried googling it and it ended up with multiple failed attempts – tried with iptables, tried SSH, but was unable to find a solution.

How to achieve this basic requirement? Any help/suggestions would be much appreciated.

scan – Spike in activity with port 3379 (SOCORFS)

My personal IPs on AWS are being scanned for 3379. Apparently, this is SOCORFS, registered to one Hugo Charbonneau. This port is getting scanned a lot more often in recent months:
https://isc.sans.edu/port.html?port=3379

Does anyone know what this is? It’s possible someone found a vulnerability in this protocol and we’re not yet publicly aware of it.

UPDATE:
I reached out to Hugo, will update if I have information from him.

UPDATE 2: Hugo used to work at Socomar International (over 20 years ago), which was a company who built technology for ship tracking. SOCORFS may be “Soco RFS”. Socomar was dissolved in 2006 though. All content I could find online was that it’s unlikely that this company’s products are widely used today. So, there’s a good chance port 3379 is actually being used for something else, nothing related to SOCORFS.

web application – Web sites executing local port scans: Is this coming from a library?

I recently read a piece by an infosec analyst who observed ebay.com doing a local port scan.

I could not believe my eyes, but it was quickly reproduced by me (see below for my observation).

I surfed around to several sites, and found one more that does this (the Citibank site, see below for my observation).

Is this port scanning “a thing” built into some standard fingerprinting or security library? (if so, which?)

Is there a plugin for Firefox that can block such behavior? (Or can such blocking be added to an existing plugin?)

Thanks!

ebay.com as seen by me:
[Screenshot: ebay.com port scanning]

citibank as seen by me:
[Screenshot: citibank port scanning]

Other sites I checked that did NOT seem to be doing this:

  • paypal.com: no
  • ups.com: no
  • fedex.com: no
  • https://www.bankofamerica.com/: no
  • twitter.com: no
  • facebook.com: no
  • duckduckgo: no
  • authorize.net: no
  • wellsfargo.com: no

windows – Unable to change com port number of specific device

I am working on replacing a legacy machine with a new machine running Windows 10. This machine has several COM ports and old software which is expecting certain COM port numbers for each device.

I am trying to set each device to be the specific COM port number that is required, but I have run into an issue. One of the devices is self-assigning its port number and won’t let me change it. It’s not a case of the COM port that I am trying to change to being in use – it just does not have the button required to change the port. Here is a picture of the problem device (left) and another COM device that I can change the port number of.

[Screenshot]

I have tried uninstalling the device and rebooting, but it comes back and self assigns itself COM port 2, while there is already another device on the system with that port number. I have no idea how to progress from here, any ideas?