How to Install and Configure Shadowsocks on an Ubuntu Machine

Installing and configuring Shadowsocks on an Ubuntu machine involves several steps, including updating the system, installing necessary dependencies, downloading and setting up Shadowsocks, and configuring it to run as a service. Here’s a step-by-step guide to help you through the process:

Step 1: Update the System

First, ensure your system is up to date:

sudo apt update
sudo apt upgrade -y

Step 2: Install Necessary Dependencies

Shadowsocks requires Python and pip (Python package manager). Install them with:

sudo apt install python3 python3-pip -y

Step 3: Install Shadowsocks

Use pip to install Shadowsocks:

sudo pip3 install shadowsocks

Step 4: Configure Shadowsocks

Create a configuration file for Shadowsocks. The default location for the configuration file is /etc/shadowsocks/config.json. You might need to create the directory first:

sudo mkdir -p /etc/shadowsocks

Then create the configuration file:

sudo nano /etc/shadowsocks/config.json

Here’s a sample configuration:

{
    "server": "0.0.0.0",
    "server_port": 8388,
    "local_address": "127.0.0.1",
    "local_port": 1080,
    "password": "your_password",
    "timeout": 300,
    "method": "aes-256-cfb",
    "fast_open": false
}

Replace "your_password" with a strong password. You can also adjust the "server_port" and "method" as needed.
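
Step 4 as a script, as an added example that is not part of the original tutorial: it writes the sample configuration with a randomly generated password and owner-only permissions (the password sits in the file in plain text), then audits a config for the placeholder password and loose permissions. The function names and the 16-character minimum are assumptions.

```shell
#!/bin/sh
# Added example (not from the original tutorial). Function names and the
# 16-character minimum are assumptions made for this sketch.

# write_ss_config FILE [PORT]: write the Step 4 config with a random
# password, readable by the file owner only.
write_ss_config() {
    cfg=$1
    port=${2:-8388}
    # 24 random bytes encode to 32 base64 characters
    pw=$(head -c 24 /dev/urandom | base64 | tr -d '\n')
    ( umask 077
      cat > "$cfg" <<EOF
{
    "server": "0.0.0.0",
    "server_port": $port,
    "local_address": "127.0.0.1",
    "local_port": 1080,
    "password": "$pw",
    "timeout": 300,
    "method": "aes-256-cfb",
    "fast_open": false
}
EOF
    )
    chmod 600 "$cfg"   # also tightens a file that already existed
}

# audit_ss_config FILE: print findings; return 1 if there are any.
audit_ss_config() {
    cfg=$1
    bad=0
    pw=$(sed -n 's/.*"password"[[:space:]]*:[[:space:]]*"\(.*\)".*/\1/p' "$cfg")
    if [ -z "$pw" ] || [ "$pw" = "your_password" ]; then
        echo "password is empty or still the placeholder"; bad=1
    elif [ "${#pw}" -lt 16 ]; then
        echo "password is shorter than 16 characters"; bad=1
    fi
    if [ -n "$(find "$cfg" \( -perm -040 -o -perm -004 \))" ]; then
        echo "config is readable by group or others"; bad=1
    fi
    return "$bad"
}

# Demo on a scratch file; as root, use /etc/shadowsocks/config.json instead.
demo=$(mktemp)
write_ss_config "$demo" && audit_ss_config "$demo" && echo "config ok"
rm -f "$demo"
```

The generated password has to be copied into the client configuration as well, since both sides share it.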

Step 5: Run Shadowsocks

To start Shadowsocks manually, use the following command:

sudo ssserver -c /etc/shadowsocks/config.json

Step 6: Configure Shadowsocks to Run as a Service

To ensure Shadowsocks starts automatically on system boot, create a systemd service file:

sudo nano /etc/systemd/system/shadowsocks.service

Add the following content to the file:

[Unit]
Description=Shadowsocks Proxy Server
After=network.target

[Service]
ExecStart=/usr/local/bin/ssserver -c /etc/shadowsocks/config.json
Restart=on-failure

[Install]
WantedBy=multi-user.target

Save and close the file. Then, enable and start the Shadowsocks service:

sudo systemctl enable shadowsocks
sudo systemctl start shadowsocks

Step 7: Verify the Service

Check the status of the Shadowsocks service to ensure it is running correctly:

sudo systemctl status shadowsocks

If everything is set up correctly, the status should indicate that Shadowsocks is active and running.

Additional Configuration

For enhanced security and performance, consider configuring additional settings such as:

  • Firewall Rules: Allow the Shadowsocks server port through the firewall.

sudo ufw allow 8388/tcp
sudo ufw allow 8388/udp
sudo ufw enable

  • Optimizations: Adjust TCP settings or use fast_open if your kernel supports it.

By following these steps, you should have a fully functional Shadowsocks server running on your Ubuntu machine.

Read more from Shadowsocks documentation

How To Install Mod_Security Apache on CentOS 7

ModSecurity is an open source, cross-platform web application firewall (WAF) developed by Trustwave’s SpiderLabs. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis. In this tutorial we will learn how to install Mod_Security for Apache on CentOS 7.

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, host your site on your own VPS. The installation is quite simple and assumes you are running as the root account; if not, you may need to add ‘sudo’ to the commands to get root privileges. I will walk you through the step-by-step installation of ModSecurity on a CentOS 7 server.

Step 1. First, let’s start by ensuring your system is up-to-date.

yum clean all
yum -y update

Step 2. Installing Mod_Security Apache on CentOS

Install Dependencies for mod_security:

yum install gcc make httpd-devel libxml2 pcre-devel libxml2-devel curl-devel git

Next, download the latest stable release of the mod_security source code from the official website to your server, then build and install it:

wget https://www.modsecurity.org/tarball/2.9.3/modsecurity-2.9.3.tar.gz
tar xzf modsecurity-2.9.3.tar.gz
cd modsecurity-2.9.3
./configure
make
make install
cp modsecurity.conf-recommended /etc/httpd/conf.d/modsecurity.conf
cp unicode.mapping /etc/httpd/conf.d/

Step 3. Configuring Mod_Security.

Open the Apache configuration file and add the following line to load the module:

# nano /etc/httpd/conf/httpd.conf
LoadModule security2_module modules/mod_security2.so

Now set the basic rule set in your httpd.conf file. Add the following lines of code at the end of the file:

<IfModule security2_module>
    Include conf.d/modsecurity.conf
</IfModule>

Save the changes and restart Apache:

systemctl restart httpd

Step 4. Download and configure OWASP (Open Web Application Security Project) core rule set for a base configuration.

cd /etc/httpd
git clone https://github.com/SpiderLabs/owasp-modsecurity-crs.git
mv owasp-modsecurity-crs modsecurity-crs
cd modsecurity-crs
cp modsecurity_crs_10_setup.conf.example modsecurity_crs_10_config.conf

Open the Apache configuration file again, and add the following lines at the end of the file:

# nano /etc/httpd/conf/httpd.conf

Include modsecurity-crs/modsecurity_crs_10_config.conf
Include modsecurity-crs/base_rules/*.conf

Next, restart the Apache service to enable mod_security module:

systemctl restart httpd
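
An added check for the result of Steps 2 to 4, not part of the original tutorial: the modsecurity.conf-recommended file copied in Step 2 sets SecRuleEngine DetectionOnly, so rule matches are logged but requests are not blocked until it is changed to On. The function names and the sample file are constructed for this example.

```shell
#!/bin/sh
# Added example (not from the original tutorial); function names are assumptions.

# modsec_directive FILE NAME: print the value of the last uncommented NAME
# directive in FILE (directive names are case-insensitive), or "unset".
modsec_directive() {
    awk -v name="$2" '
        tolower($1) == tolower(name) { val = $2 }
        END { print (val == "" ? "unset" : val) }
    ' "$1"
}

# check_modsec_conf FILE: print findings; return 0 only if rules can block
# and request bodies are inspected.
check_modsec_conf() {
    rc=0
    engine=$(modsec_directive "$1" SecRuleEngine | tr 'A-Z' 'a-z')
    body=$(modsec_directive "$1" SecRequestBodyAccess | tr 'A-Z' 'a-z')
    case $engine in
        on) ;;
        detectiononly)
            echo "SecRuleEngine DetectionOnly: matches are logged, not blocked"; rc=1 ;;
        *)
            echo "SecRuleEngine is $engine: rules are not enforced"; rc=1 ;;
    esac
    if [ "$body" != on ]; then
        echo "SecRequestBodyAccess is $body: request bodies are not inspected"; rc=1
    fi
    return "$rc"
}

# Constructed sample mirroring the two relevant lines of the recommended file.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# SecRuleEngine On
SecRuleEngine DetectionOnly
SecRequestBodyAccess On
EOF
check_modsec_conf "$sample" || echo "fix the findings above, then restart httpd"
rm -f "$sample"
```

On the server, run check_modsec_conf against /etc/httpd/conf.d/modsecurity.conf.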

Congratulations! You have successfully installed Mod_Security. Thanks for using this tutorial for installing Mod_Security on a CentOS 7 system. For additional help or useful information, we recommend you check the official ModSecurity website.

How To Configure Iptables Firewall on CentOS

Iptables is a user space application program that allows a system administrator to configure the tables provided by the Linux kernel firewall (implemented as different Netfilter modules) and the chains and rules it stores. Different kernel modules and programs are currently used for different protocols; iptables applies to IPv4, ip6tables to IPv6, arptables to ARP, and ebtables for Ethernet frames. (Read more on: wikipedia)

Setting up iptables

You can use the following procedure to verify that iptables has been installed and view the status of iptables. Open terminal and type the following command:

# iptables -V
# yum info iptables

If the commands above do not show that iptables is installed, type the following command to install it:

# yum -y install iptables

Understanding the firewall: at present there are four chains in total:

  • INPUT : The default chain used for packets addressed to the system.
  • OUTPUT : The default chain used for packets generated by the system.
  • FORWARD : The default chain used when packets are sent through another interface.
  • RH-Firewall-1-INPUT : The user-defined custom chain.

Target Meanings

  • The target ACCEPT means allow the packet.
  • The target REJECT means drop the packet and send an error message to the remote host.
  • The target DROP means drop the packet and do not send an error message to the remote host or sending host.

The default iptables configuration on CentOS does not allow access to the HTTP (TCP port 80) and HTTPS (TCP port 443) ports used by the Nginx web server. Follow these steps to open them:

Step 1: Flush all iptables rules

# iptables -F
# iptables -X
# iptables -t nat -F
# iptables -t nat -X
# iptables -t mangle -F
# iptables -t mangle -X

Step 2: Set default rules

# iptables -P INPUT DROP
# iptables -P FORWARD ACCEPT
# iptables -P OUTPUT ACCEPT

Step 3: Allow access to HTTP (port 80) and HTTPS (port 443)

# iptables -A INPUT -i lo -j ACCEPT 
# iptables -A INPUT -m state --state ESTABLISHED -j ACCEPT 
# iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT 
# iptables -A INPUT -p icmp -j ACCEPT
# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
# iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT

Turn on and save iptables

Type the following two commands to turn on the firewall:

# chkconfig iptables on
# service iptables save
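
Steps 1 to 3 as a single atomic load, as an added example that is not part of the original tutorial. Typed one by one over SSH, iptables -P INPUT DROP on a flushed table cuts the session before the accept rules exist; iptables-restore commits the whole filter table at once. The function names and the SSH rule on port 22 are assumptions.

```shell
#!/bin/sh
# Added example (not from the original tutorial). Function names and the
# SSH rule on port 22 are assumptions.

# build_ruleset [TCP_PORT ...]: print Step 2's policies and Step 3's rules in
# iptables-save format. Default ports: 22 (assumed SSH), 80 and 443.
# Only the filter table is described; nat and mangle are left untouched.
build_ruleset() {
    [ "$#" -gt 0 ] || set -- 22 80 443
    for port in "$@"; do               # validate everything before printing
        case $port in
            ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "bad port: $port" >&2; return 1
        fi
    done
    printf '%s\n' '*filter' \
        ':INPUT DROP [0:0]' \
        ':FORWARD ACCEPT [0:0]' \
        ':OUTPUT ACCEPT [0:0]' \
        '-A INPUT -i lo -j ACCEPT' \
        '-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT' \
        '-A INPUT -p icmp -j ACCEPT'
    for port in "$@"; do
        printf '%s\n' "-A INPUT -p tcp -m state --state NEW -m tcp --dport $port -j ACCEPT"
    done
    printf '%s\n' 'COMMIT'
}

# apply_ruleset FILE: parse-check FILE, then load it in one commit (needs root).
apply_ruleset() {
    iptables-restore --test < "$1" && iptables-restore < "$1"
}

# Print the generated ruleset for review; nothing is applied here.
build_ruleset
```

Redirect the output to a file, review it, run apply_ruleset on that file as root, then save the rules as in the last step above.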