This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Advanced Customizaction of Iptables?

I have been trying to setup my packet filter rules today and noticed that it seems a bunch of them are already hardcoded by astaro and can't be modified through the web admin interface. Basically I want to get into like an advanced mode or something so that I can just set everything default to logdrop and just spend time adding the rules which I need to allow. I imagine I could ssh to the firewall box and just run iptables commands to modify it, however I don't want to mess up my astaro setup and it would be much easier using the network definitions and stuff I already have in the web interface. Is there a way to access all the rules and modify them through the web interface?

This thread was automatically locked due to age.

Parents

0 Michael Ziegler over 23 years ago

hi john,

sorry if i miss something, but i think astaro does exactly what you want to do:
astaro only sets rules by itself, when the rules are needed for proxies, webmin or ssh to the asl box. but you cannot see the last rule - it's drop and log all.

bye,
michael
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Michael Ziegler over 23 years ago

hi john,

sorry if i miss something, but i think astaro does exactly what you want to do:
astaro only sets rules by itself, when the rules are needed for proxies, webmin or ssh to the asl box. but you cannot see the last rule - it's drop and log all.

bye,
michael
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 John Scimone over 23 years ago in reply to Michael Ziegler

Yes it does, and would be good for a basic setup, however it doesn't allow me to use extra tags like checking for states and interfaces etc.. and also it adds rules to the wrong chains sometimes (see my other post from tonight)
Cancel
Vote Up 0 Vote Down

Cancel