Hi,
On my server I have 2 IP addresses, let say xxx.xxx.xxx.xxx and xxx.xxx.xxx.yyy so what I want is to filter traffic with csf on the xxx.xxx.xxx.xxx IP and allow everything for xxx.xxx.xxx.yyy so in short the second IP xxx.xxx.xxx.yyy be completely ignored by csf and allow all the traffic.
I have tried as described here: http://tecadmin.net/add-custom-iptables-rules-with-csf/# but it is not working, the csf rules after restart are implemented to both IP addresses.
Can someone please tell me how to do this?
Thank you,
how to create Custom iptables Rule for second ip address on the server
Re: how to create Custom iptables Rule for second ip address on the server
Check the readme file for the following:
# Advanced port+ip filtering allowed with the following format
# tcp/udp|in/out|s/d=port|s/d=ip
add those lines to the "firewall allow IPs" with all the destinations ports open and the destination IP xxx.xxx.xxx.yyy, that could achieve what you want, but letting an IP to ignore the firewall will be a great security flaw.
# Advanced port+ip filtering allowed with the following format
# tcp/udp|in/out|s/d=port|s/d=ip
add those lines to the "firewall allow IPs" with all the destinations ports open and the destination IP xxx.xxx.xxx.yyy, that could achieve what you want, but letting an IP to ignore the firewall will be a great security flaw.