Being asked to add some custom rules to iptables by server provider

[craigedmonds]

We have a server with rackspace and they are asking us to add some rules to iptables so their backup system can connect, something about a loopback system.

I just wanted to check if I should do this or not becasue obviously my concern is that I allow access to everyone outside.

Also, how do I add these rules through CSF interface if I need to?

Code: Select all

# Allow access from loopback (Needed for EvMgrC process)
iptables -I INPUT -i lo -j ACCEPT
# Allow access from the CommServer
iptables -I INPUT -i eth1 -p tcp -s 10.191.192.0/18 -j ACCEPT
# Allow access to loopback (Needed for EvMgrC process)
iptables -I OUTPUT -o lo -j ACCEPT
# Allow access to the CommServer
iptables -I OUTPUT -o eth1 -p tcp -d 10.191.192.0/18 -j ACCEPT

[ForumAdmin]

Loopback is always accepted in csf. You should simply need to add 10.191.192.0/18 to /etc/csf/csf.allow and then restart csf and then lfd, though for better security they should really have provided you with tcp/udp ports that they needed access to.

[craigedmonds]

Loopback is always accepted in csf. You should simply need to add 10.191.192.0/18 to /etc/csf/csf.allow and then restart csf and then lfd, though for better security they should really have provided you with tcp/udp ports that they needed access to.

Thanks for helping me and thank you for such a great product! Kudos to you.