NAT VPS - Stupid Question!
Hi,
I have just purchased my first NAT VPS. I am trying to set up some level of iptables firewall; I suspect I am doing something really stupid... I guess the first question is: is it even possible? Whenever I turn on the IPv6 firewall I lose connection to my VPS (SSH and IPv6 HTTPS). I have tried ufw too (with the same result). Is netfilter available in the kernel? If not, what should I be doing to secure my VPS?
Secondly (and this is a silly question), are my IPv4 NAT ports NATed straight through by the provider, i.e. port IPv4:10818 -> NATIP:10818?
Thanks!
Comments
Yep.
Yup.
Since you're asking the second question, you should keep in mind that your SSH port is indeed translated, so that your ssh daemon listens on port 22. Configure your firewall rules accordingly.
Felt bad giving a short answer, here you go:
You will need to make sure you allow those ports to be open in your IPv6 firewall, otherwise the default action is to block them.
IPv4-wise, yes, the node external IP is what you use. For example:
I want IP 1.2.3.4 (node IP) port 4321 and your VPS is 5.6.7.8.
1.2.3.4 gets the connection on port 4321. It then says, "hey, I have an iptables rule for that port", and looks at the rule, which tells it to forward any traffic on port 4321 to your NAT IP 5.6.7.8.
Your VPS is not aware that the host node has that rule, it just gets the traffic.
Hope that makes sense.
Thanks! The first answer was enough, I just wanted to make sure I wasn't going mad!
Yeah, all makes sense. I'll see what's going on with my iptables and ip6tables rules then.
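
As an added example (not posted by anyone in the thread), the shell function below prints an IPv6 ruleset that keeps a default-drop INPUT policy while still admitting the ICMPv6 neighbour-discovery messages IPv6 depends on and the ports the daemons listen on inside the VPS. The function name `gen_rules6`, the ports 22 and 443, and the availability of the `conntrack` and `hl` matches in the provider's kernel are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread: print an IPv6 default-drop ruleset in
# ip6tables-restore format. Arguments are the TCP ports your daemons listen on
# INSIDE the VPS (22 for sshd, even when the provider's IPv4 NAT exposes it on
# a different external port). Assumes the conntrack and hl matches are usable.
gen_rules6() {
    for p in "$@"; do                    # validate everything before emitting
        case $p in
            ''|*[!0-9]*) echo "bad port: $p" >&2; return 1 ;;
        esac
        if ! { [ "$p" -ge 1 ] && [ "$p" -le 65535 ]; } 2>/dev/null; then
            echo "port out of range: $p" >&2; return 1
        fi
    done
    printf '%s\n' '*filter' ':INPUT DROP [0:0]' ':FORWARD DROP [0:0]' \
        ':OUTPUT ACCEPT [0:0]' '-A INPUT -i lo -j ACCEPT'
    # IPv6 has no ARP: router and neighbour discovery are ICMPv6 (types
    # 133-136). Accept them before any state match, and only with hop limit
    # 255, which proves the packet was not forwarded from off-link.
    for t in 133 134 135 136; do
        printf '%s\n' "-A INPUT -p ipv6-icmp --icmpv6-type $t -m hl --hl-eq 255 -j ACCEPT"
    done
    # Error messages (1-4, including packet-too-big for path MTU discovery)
    # and echo request (128).
    for t in 1 2 3 4 128; do
        printf '%s\n' "-A INPUT -p ipv6-icmp --icmpv6-type $t -j ACCEPT"
    done
    printf '%s\n' '-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT'
    for p in "$@"; do
        printf '%s\n' "-A INPUT -p tcp --dport $p -j ACCEPT"
    done
    printf '%s\n' 'COMMIT'
}

# When run as a script with ports as arguments, print the ruleset to stdout.
if [ "$#" -gt 0 ]; then
    gen_rules6 "$@"
fi
```

Pipe the output through `ip6tables-restore --test` first; it parses the rules without committing them, so a typo cannot lock you out of the session you are working in.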