Re: [Astlinux-users] Firewall configuration

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Lonnie,

Thanks!  That's what I was looking for; a bare-bones "firewalls for 
dummies" type approach.

Actually, I have to admit that I did turn the firewall on without any 
rules set.  Thank goodness for the local console!  ;-)

PDW

-------- Original Message --------
> Hi Paul,
>
>> Actually, I never opened a port to the "outside world" on my ISP 
>> router but would still like to use it within the LAN.
>
> Reading this I'm assuming your AstLinux box is *not* your edge router, 
> but rather sits in your internal LAN.
>
> Warning, The following example is for an AstLinux box sitting in an 
> internal LAN, behind a router/firewall.
>
>
> Go to the Network tab, select Firewall: [ enabled ] and click { 
> Firewall Configuration }
>
>
> Note: Make sure you add rules before "restarting" the firewall.
>
> In the firewall configuration, this example adds rules to manage 
> AstLinux (SSH, HTTP and HTTPS) and allows SIP inbound ...
>
> Add comments if you wish.
>
>
>
> Note: The Source fields here are "0/0" which is Any Host.  If you only 
> want your local LAN to have access to the AstLinux box use 
> 10.10.1.0/24 (for example) or 10.0.0.0/8 to include a bunch of private 
> addresses.
>
> Now that we have added firewall rules (check for errors) we can { 
> Restart Firewall } x-Confirm
> the firewall will be enabled with these rules.
>
> You can enable the Adaptive Ban plugin by going back to the Network 
> tab, Firewall Plugins: choose [ adaptive-ban ] and Click { Configure 
> Plugin }
>
>
> Edit ENABLED=1 and { Save Changes } and from the edit tab you can
>
> { Reload/Restart } [ Restart Firewall ] x-Confirm
>
> That is the flow, add more as you get the feel of it.
>
> PS, worst case, if you added a rule to lock yourself out via SSH or 
> HTTPS, use the console and
> --
> service iptables stop
> --
> and you will have access again.
>
> You should not need to add any IAX2 rules if it is outbound only.
>
> Lonnie
>
>
>
> On Sep 10, 2017, at 4:19 PM, Paul Wills 
> <pd...@ce... 
> <mailto:pd...@ce...>> wrote:
>
>> Greetings,
>>
>> I am trying to get the Adaptive Ban plugin to work but know nothing 
>> about firewall configuration.  Is there a guide to using the AstLinux 
>> GUI firewall settings or, short of that, a suggested minimal 
>> configuration for SSH, IAX2, and SIP?  Actually, I never opened a 
>> port to the "outside world" on my ISP router but would still like to 
>> use it within the LAN.
>>
>> Thanks in advance,
>>
>> PDW
>>
>>
>> ------------------------------------------------------------------------------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org <http://Slashdot.org>! 
>> http://sdm.link/slashdot
>> _______________________________________________
>> Astlinux-users mailing list
>> Ast...@li... 
>> <mailto:Ast...@li...>
>> https://lists.sourceforge.net/lists/listinfo/astlinux-users
>>
>> Donations to support AstLinux are graciously accepted via PayPal to 
>> pa...@kr....
>