1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Firewall with multiple interfaces?

Discussion in 'Plesk 9.x for Linux Issues, Fixes, How-To' started by Igor David, Dec 21, 2009.

  1. Igor David

    Igor David Guest

    0
     
    Hello,

    is it possible to set firewall rules, but with mutliple shared interfaces?

    We want to have next scenario:

    - group of IP`s can connect to Port 80 on IP X.X.X.X (first interface), deny every other IP
    - allow everything to Port 80 on other 3 interfaces


    Thank you!

    p.s. I created this thread about 2h ago, but it didn`t showed up!
     
  2. IgorG

    IgorG Forums Analyst Staff Member

    49
    24%
    Joined:
    Oct 27, 2009
    Messages:
    24,572
    Likes Received:
    1,243
    Location:
    Novosibirsk, Russia
    You can't do it via Firewall module interface but you can try to do it with manually creating necessary iptables rules on Linux system level.
     
  3. Igor David

    Igor David Guest

    0
     
    thanks

    thanks

    Since plesk firewall module is managing iptables, can you give us more information where does Plesk store
    current iptables rules that needs to be changed (suppose it is /etc/sysconfig/iptables) ?

    if we change it through linux shell, I suppose those manual rules will be modified after next restart
    (we see that iptables-config says: IPTABLES_SAVE_ON_STOP="no"? )

    Are there any possible problems for this action?

    thank you again.
     
  4. IgorG

    IgorG Forums Analyst Staff Member

    49
    24%
    Joined:
    Oct 27, 2009
    Messages:
    24,572
    Likes Received:
    1,243
    Location:
    Novosibirsk, Russia
    I think that for avoiding possible problems firewall module should be removed if you manually configure your complex iptables rules.
     
Loading...