Being asked to add some custom rules to iptables by server provider

craigedmonds
Junior Member
Posts: 21
Joined: 21 Dec 2010, 09:24

Post by craigedmonds »

We have a server with Rackspace and they are asking us to add some rules to iptables so their backup system can connect, something about a loopback system.

I just wanted to check if I should do this or not, because obviously my concern is that I allow access to everyone outside.

Also, how do I add these rules through CSF interface if I need to?

Code:

# Allow access from loopback (Needed for EvMgrC process)
iptables -I INPUT -i lo -j ACCEPT
# Allow access from the CommServer
iptables -I INPUT -i eth1 -p tcp -s 10.191.192.0/18 -j ACCEPT
# Allow access to loopback (Needed for EvMgrC process)
iptables -I OUTPUT -o lo -j ACCEPT
# Allow access to the CommServer
iptables -I OUTPUT -o eth1 -p tcp -d 10.191.192.0/18 -j ACCEPT
ForumAdmin
Moderator
Posts: 1489
Joined: 01 Oct 2008, 09:24

Re: Being asked to add some custom rules to iptables by server provider

Post by ForumAdmin »

Loopback is always accepted in csf. You should simply need to add 10.191.192.0/18 to /etc/csf/csf.allow and then restart csf and then lfd, though for better security they should really have provided you with tcp/udp ports that they needed access to.
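
An added example (not part of the thread, and not csf's or Rackspace's code): a small Python check that parses the four rules quoted in the first post and reports how wide each ACCEPT is, which is the concern the original poster raised and the reason the reply asks for specific ports. The field names and the wording of the findings are assumptions of this example.

```python
import ipaddress
import shlex

# The four rules quoted in the first post, copied from the page.
RULES = """\
iptables -I INPUT -i lo -j ACCEPT
iptables -I INPUT -i eth1 -p tcp -s 10.191.192.0/18 -j ACCEPT
iptables -I OUTPUT -o lo -j ACCEPT
iptables -I OUTPUT -o eth1 -p tcp -d 10.191.192.0/18 -j ACCEPT
"""

# iptables options that take a value, mapped to this example's own field names.
VALUE_FLAGS = {"-I": "chain", "-A": "chain", "-i": "iface", "-o": "iface",
               "-p": "proto", "-s": "peer", "-d": "peer",
               "--dport": "dport", "-j": "target"}

def parse_rule(line):
    """Turn one 'iptables ...' command line into a dict of the audited fields."""
    tokens = iter(shlex.split(line)[1:])      # drop the leading 'iptables'
    rule = {}
    for tok in tokens:
        if tok in VALUE_FLAGS:
            rule[VALUE_FLAGS[tok]] = next(tokens)
    return rule

def audit(rule):
    """Return findings describing how much traffic an ACCEPT rule lets through."""
    if rule.get("target") != "ACCEPT":
        return ["not an ACCEPT rule"]
    if rule.get("iface") == "lo":
        return ["loopback only: never reachable from another host"]
    findings = []
    peer = rule.get("peer")
    if peer is None:
        findings.append("no address restriction: open to any host")
    else:
        net = ipaddress.ip_network(peer, strict=True)
        scope = "private (RFC 1918)" if net.is_private else "PUBLIC"
        findings.append(f"{scope} range {net}, {net.num_addresses} addresses")
    if "dport" not in rule:
        proto = rule.get("proto", "any-protocol")
        findings.append(f"no port restriction: all {proto} ports")
    return findings

def audit_all(text=RULES):
    return [(ln, audit(parse_rule(ln))) for ln in text.splitlines() if ln.strip()]

if __name__ == "__main__":
    for line, findings in audit_all():
        print(line, *findings, sep="\n   - ")
```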
craigedmonds
Junior Member
Posts: 21
Joined: 21 Dec 2010, 09:24

Re: Being asked to add some custom rules to iptables by server provider

Post by craigedmonds »

ForumAdmin wrote: Loopback is always accepted in csf. You should simply need to add 10.191.192.0/18 to /etc/csf/csf.allow and then restart csf and then lfd, though for better security they should really have provided you with tcp/udp ports that they needed access to.

Thanks for helping me and thank you for such a great product! Kudos to you.

:)