ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://mail.forum.configserver.com/

How to whitelist domain from firewall

https://mail.forum.configserver.com/viewtopic.php?t=10295

Page 1 of 1

Re: How to whitelist domain from firewall

Posted: 07 Jun 2017, 23:02
by sawbuck
You can only whitelist by IP.

Re: How to whitelist domain from firewall

Posted: 26 Jul 2017, 05:51
by NotLim
try csf.dyndns

Re: How to whitelist domain from firewall

Posted: 27 Jul 2017, 03:01
by Spork Schivago
I believe NotLim is correct and csf.dyndns is the correct file to list the domain(s) you want whitelisted.

According to the file:

Code: Select all

###############################################################################
# The following FQDN's will be allowed through the firewall. This is controlled
# by lfd which checks the DNS resolution of the FQDN and adds the ip address
# into the ALLOWDYNIN and ALLOWDYNOUT iptables chains. lfd will check for IP
# updates every DYNDNS seconds if set.
#
# If the FQDN has multiple A records then all of the IP addresses will be
# processed. If IPV6 is enabled and the perl module Socket6 from cpan.org is
# installed, then all IPv6 AAAA IP address records will also be allowed.
#
# Only list fully qualified domain names (FQDN's) in this file, either on their
# own to allow full access, or using Advanced Allow/Deny Filters (see
# readme.txt)
#
I believe this would be an example of the Advanced Allow / Deny Filters, which I found in the readme.txt

Code: Select all

# TCP connections inbound to port 22 from Dynamic DNS address
# www.configserver.com (for use in csf.dyndns only)
tcp|in|d=22|s=www.configserver.com
I believe this would allow TCP connections from www.configserver.com on port 22.

I think something like

Code: Select all

in|d=22|s=www.configserver.com
would allow all packet types from www.configserver.com in through port 22.

I hope this helps.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited