Re: [Astlinux-users] Firewall configuration

Sun, 10 Sep 2017 16:58:47 -0700 

Lonnie,
Thanks!  That's what I was looking for; a bare-bones "firewalls for dummies" type approach. 


Actually, I have to admit that I did turn the firewall on without any 
rules set.  Thank goodness for the local console!  ;-)


PDW




-------- Original Message --------

Hi Paul,


Actually, I never opened a port to the "outside world" on my ISP 
router but would still like to use it within the LAN.



Reading this I'm assuming your AstLinux box is *not* your edge router, 
but rather sits in your internal LAN.



Warning, The following example is for an AstLinux box sitting in an 
internal LAN, behind a router/firewall.




Go to the Network tab, select Firewall: [ enabled ] and click { 
Firewall Configuration }



Note: Make sure you add rules before "restarting" the firewall.


In the firewall configuration, this example adds rules to manage 
AstLinux (SSH, HTTP and HTTPS) and allows SIP inbound ...


Add comments if you wish.




Note: The Source fields here are "0/0" which is Any Host.  If you only 
want your local LAN to have access to the AstLinux box use 
10.10.1.0/24 (for example) or 10.0.0.0/8 to include a bunch of private 
addresses.



Now that we have added firewall rules (check for errors) we can { 
Restart Firewall } x-Confirm

the firewall will be enabled with these rules.


You can enable the Adaptive Ban plugin by going back to the Network 
tab, Firewall Plugins: choose [ adaptive-ban ] and Click { Configure 
Plugin }



Edit ENABLED=1 and { Save Changes } and from the edit tab you can

{ Reload/Restart } [ Restart Firewall ] x-Confirm

That is the flow, add more as you get the feel of it.


PS, worst case, if you added a rule to lock yourself out via SSH or 
HTTPS, use the console and

--
service iptables stop
--
and you will have access again.

You should not need to add any IAX2 rules if it is outbound only.

Lonnie




On Sep 10, 2017, at 4:19 PM, Paul Wills 
<pdwi...@cedarknolltelephone.com 
<mailto:pdwi...@cedarknolltelephone.com>> wrote:



Greetings,


I am trying to get the Adaptive Ban plugin to work but know nothing 
about firewall configuration.  Is there a guide to using the AstLinux 
GUI firewall settings or, short of that, a suggested minimal 
configuration for SSH, IAX2, and SIP?  Actually, I never opened a 
port to the "outside world" on my ISP router but would still like to 
use it within the LAN.


Thanks in advance,

PDW


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most

engaging tech sites, Slashdot.org <http://Slashdot.org>! 
http://sdm.link/slashdot

_______________________________________________
Astlinux-users mailing list

Astlinux-users@lists.sourceforge.net 
<mailto:Astlinux-users@lists.sourceforge.net>

https://lists.sourceforge.net/lists/listinfo/astlinux-users


Donations to support AstLinux are graciously accepted via PayPal to 
pay...@krisk.org.





------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Astlinux-users mailing list
Astlinux-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/astlinux-users

Donations to support AstLinux are graciously accepted via PayPal to 
pay...@krisk.org.





















					Reply via email to