Firewall with multiple interfaces?

[Igor David]

Hello,

is it possible to set firewall rules, but with mutliple shared interfaces?

We want to have next scenario:

- group of IP`s can connect to Port 80 on IP X.X.X.X (first interface), deny every other IP
- allow everything to Port 80 on other 3 interfaces


Thank you!

p.s. I created this thread about 2h ago, but it didn`t showed up!

 

[IgorG]

You can't do it via Firewall module interface but you can try to do it with manually creating necessary iptables rules on Linux system level.

 

[Igor David]

thanks

You can't do it via Firewall module interface but you can try to do it with manually creating necessary iptables rules on Linux system level.

thanks

Since plesk firewall module is managing iptables, can you give us more information where does Plesk store
current iptables rules that needs to be changed (suppose it is /etc/sysconfig/iptables) ?

if we change it through linux shell, I suppose those manual rules will be modified after next restart
(we see that iptables-config says: IPTABLES_SAVE_ON_STOP="no"? )

Are there any possible problems for this action?

thank you again.

 

[IgorG]

I think that for avoiding possible problems firewall module should be removed if you manually configure your complex iptables rules.