Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

5.0.1: Tom added IPTABLES support, now what do I do with it ?

Featured Replies

Like the title say, how can we set up a firewall or a NAT?

 

 

Some links that might be useful

http://code.seanodonnell.com/?id=44

http://www.m0rd0r.eu/how-to-make-small-home-network-with-slackware/

http://slackalaxy.wordpress.com/tag/iptables/

 

www.LinuxGuruz.com FORUM

http://www.linuxguruz.com/forum/viewforum.php?f=35

 

Firewall generator

http://www.slackware.com/~alien/efg/

http://www.perturb.org/content/iptables-rules.html

http://www.mista.nu/iptables/

 

OpenVPN server & iptables

http://docs.slackware.com/howtos:network_services:openvpn

 

We also need to invoke with some commands .I have found these , do not know if all is necessary or is missing some...

 

modprobe ip_tables
modprobe ip_conntrack
modprobe iptable_filter
modprobe iptable_mangle
modprobe iptable_nat
modprobe ipt_limit
modprobe ipt_state
modprobe ipt_owner
modprobe ipt_REJECT
modprobe ipt_MASQUERADE
modprobe ip_conntrack_ftp
modprobe ip_conntrack_irc
modprobe ip_nat_ftp
modprobe ip_nat_irc
modprobe iptable_filter
modprobe ip_conntrack

traffic shaping could also be something great!

I follow you

  • Author

I need help with this  ;) please contribute if this is useful for us  8)

I would love to have the ability to control access to the unRAID server by IP based on times.

For example, kids want to keep watching TV after bedtime, so at 9:00pm, I could restrict access to their machines and turn it back on the next morning :)

 

 

  • Author

some missing modules....

 

FATAL: Module ip_conntrack not found.
FATAL: Module iptable_nat not found.
FATAL: Module ipt_limit not found.
FATAL: Module ipt_state not found.
FATAL: Module ipt_owner not found.
FATAL: Module ipt_MASQUERADE not found.
FATAL: Module ip_conntrack_ftp not found.
FATAL: Module ip_conntrack_irc not found.
FATAL: Module ip_nat_ftp not found.
FATAL: Module ip_nat_irc not found.
FATAL: Module ip_conntrack not found

I would NEVER use unraid as a NAT firewall.  There are too many security issues to think about when it comes to NAT.  If Tom is trying to add traffic shaping to improve performance, I feel he is barking up the wrong tree.  Traffic shaping should be handled by the router.  For me that would be Smoothwall, though there are others.

 

Smoothwall express 3.0 has some QOS built into the software, which helps with performance.  This seems to work real well for me.

 

Here is a screen shot of the QOS settings in Smoothwall express:

 

Sideband Samurai

ScreenHunter_17_Nov._13_18_21.jpg.23da44dfcf5302b59a44772508201862.jpg

If Tom is trying to add traffic shaping to improve performance, I feel he is barking up the wrong tree.

I think Tom added base IPTABLES at a user's request. I don't see him planning to use it for any core unraid functions.

I needed iptables so I could connect to openvpnserver from an Android client (I am not the one who requested it though)

Requesting the inclusion of iptables originally was to provide the ability to nat/firewall those that use openVPN server/client on unRAID.  Without nat/firewall one exposes their unRAID server to the outside world regardless of what hardware/software firewall is between the server the Internet.  To properly set up either manually or through a script package like Shorewall it requires more than just iptables added to the kernel.  These are the details that I believe peter_sm is asking help for to work out.

I would love to have the ability to control access to the unRAID server by IP based on times.

For example, kids want to keep watching TV after bedtime, so at 9:00pm, I could restrict access to their machines and turn it back on the next morning :)

 

If you own a Broadcom based wireless router, installing Tomato firmware will give you those tools (and plenty more).  DD-WRT is also a choice and most wireless routers do include some form of access restrictions in the stock firmware.

I would love to have the ability to control access to the unRAID server by IP based on times.

For example, kids want to keep watching TV after bedtime, so at 9:00pm, I could restrict access to their machines and turn it back on the next morning :)

 

If you own a Broadcom based wireless router, installing Tomato firmware will give you those tools (and plenty more).  DD-WRT is also a choice and most wireless routers do include some form of access restrictions in the stock firmware.

 

I'm pretty sure you can only block all wifi devices, or Internet access to certain devices, so if the device is wired it will still be able to access the unraid box unless you want to get fancy with your network setup and add a second router to your network.

 

Sent from a mobile device, sorry for any typos.

 

 

I would love to have the ability to control access to the unRAID server by IP based on times.

For example, kids want to keep watching TV after bedtime, so at 9:00pm, I could restrict access to their machines and turn it back on the next morning :)

 

If you own a Broadcom based wireless router, installing Tomato firmware will give you those tools (and plenty more).  DD-WRT is also a choice and most wireless routers do include some form of access restrictions in the stock firmware.

 

I'm pretty sure you can only block all wifi devices, or Internet access to certain devices, so if the device is wired it will still be able to access the unraid box unless you want to get fancy with your network setup and add a second router to your network.

 

Sent from a mobile device, sorry for any typos.

 

Yep, you are correct.  Was thinking about a different scenario.  Should be able to set up a cron job to block certain IPs as needed, once we get this figured out.

Archived

This topic is now archived and is closed to further replies.

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.