ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://mail.forum.configserver.com/

Being asked to add some custom rules to iptables by server provider

https://mail.forum.configserver.com/viewtopic.php?t=9449

Page 1 of 1

Being asked to add some custom rules to iptables by server provider

Posted: 18 Apr 2016, 09:30
by craigedmonds
We have a server with rackspace and they are asking us to add some rules to iptables so their backup system can connect, something about a loopback system.

I just wanted to check if I should do this or not becasue obviously my concern is that I allow access to everyone outside.

Also, how do I add these rules through CSF interface if I need to?

Code: Select all

# Allow access from loopback (Needed for EvMgrC process)
iptables -I INPUT -i lo -j ACCEPT
# Allow access from the CommServer
iptables -I INPUT -i eth1 -p tcp -s 10.191.192.0/18 -j ACCEPT
# Allow access to loopback (Needed for EvMgrC process)
iptables -I OUTPUT -o lo -j ACCEPT
# Allow access to the CommServer
iptables -I OUTPUT -o eth1 -p tcp -d 10.191.192.0/18 -j ACCEPT

Re: Being asked to add some custom rules to iptables by server provider

Posted: 18 Apr 2016, 09:36
by ForumAdmin
Loopback is always accepted in csf. You should simply need to add 10.191.192.0/18 to /etc/csf/csf.allow and then restart csf and then lfd, though for better security they should really have provided you with tcp/udp ports that they needed access to.

Re: Being asked to add some custom rules to iptables by server provider

Posted: 18 Apr 2016, 11:17
by craigedmonds
ForumAdmin wrote:Loopback is always accepted in csf. You should simply need to add 10.191.192.0/18 to /etc/csf/csf.allow and then restart csf and then lfd, though for better security they should really have provided you with tcp/udp ports that they needed access to.
Thanks for helping me and thank you for such a great product! Kudos to you.

:)
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited