
Question I have several questions about the firewall.

python

Regular Pleskian
I use CentOS 7.3, which comes with firewalld installed.

Should I also enable iptables to work with firewalld?
With the Plesk firewall extension, can I create the same rules as with firewalld?

Those are my doubts, although I think I should only use firewalld, but I do not know how to create rules such as blocking invalid packets, etc.

I would need a guide to configure firewalld in the best way possible to attack two ddos.
 
Hello, plesk help and law but I still have doubts.
For example how to block invalid packets, etc ...
Does the firewall extension use firewalld or iptables?

On the subject of security, is it better to use iptables or firewalld, or is the Plesk firewall extension enough?

Does anyone know of any post to make a secure firewall configuration?

I have thousands of doubts, such as: which firewall does fail2ban use, firewalld or iptables?

If CentOS 7 leaves firewalld activated by default, it must be that you have to use it alone, but I'm not clear.

Maybe in firewalld you can create static rules with the iptables commands but I'm not sure, I hope someone will guide me in my doubts with the firewall.
regards
 
Plesk is using iptables. Firewalld must be deactivated, else it could interfere with the other settings. fail2ban is using iptables.

You are free to install your own chains and rules in iptables before and beyond what fail2ban does.

Plesk firewall and Fail2Ban are two different things. Plesk firewall blocks or allows traffic on certain ports perpetually, while Fail2Ban blocks IP addresses of incoming traffic temporarily when these misbehave.
 
I too have a similar question.. about the relationship of firewall to iptables.

I have been blocking IP addresses manually using the firewall with my own firewall rule. It works well but is long-winded, with one IP address at a time loaded.
I examined the iptables and sure.. all the addresses in my rule are there - e.g.
-A INPUT -s 62.76.42.249/32 -p tcp -j DROP

If I add a rule manually then that too appears in iptables - and works

sudo iptables -A INPUT -s 62.76.43.166 -p tcp -j DROP
But.. it does not appear in the Firewall list under my rule.
It does appear in iptables and looks identical
-A INPUT -s 62.76.43.166/32 -p tcp -j DROP

I have a feeling my manual addition is only temporary, and I have saved all the contents to a file, just in case I have to reboot.
sudo iptables-save > /var/log/iptablessnh

QUESTION.. How can I manually add an address with a command, and also make it part of the firewall rule, and therefore permanent?

regards

Steve
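
The answer above mentions installing your own chains in iptables, and this post describes loading addresses one at a time. As an added example (not code from any poster or from Plesk), the script below refills one dedicated chain from a whole list in a single iptables-restore call; the chain name MANUAL-BLOCK and the sample list are assumptions.

```shell
# Added example, not from the thread. CHAIN is a hypothetical chain name.
CHAIN="MANUAL-BLOCK"

# Succeed only for a dotted-quad IPv4 address with an optional /0-32 prefix.
valid_ipv4() {
    addr=${1%%/*}
    case $1 in */*) pfx=${1#*/} ;; *) pfx=32 ;; esac
    case $pfx in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$pfx" -le 32 ] || return 1
    case $addr in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in 0?*|????*) return 1 ;; esac   # no leading zeros
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Read addresses on stdin (one per line, "#" comments allowed) and print an
# iptables-restore fragment on stdout. Rejected lines are reported on stderr.
build_ruleset() {
    echo "*filter"
    echo ":$CHAIN - [0:0]"
    sed -e 's/#.*//' -e 's/[[:space:]]//g' | sort -u | while read -r ip; do
        [ -n "$ip" ] || continue
        if valid_ipv4 "$ip"; then
            echo "-A $CHAIN -s $ip -p tcp -j DROP"
        else
            echo "skipped invalid entry: $ip" >&2
        fi
    done
    echo "COMMIT"
}

# Load the list in file $1 (needs root). --noflush leaves the other chains
# alone; the jump from INPUT is inserted only if it is not already present.
apply_ruleset() {
    build_ruleset < "$1" | iptables-restore --noflush &&
        { iptables -C INPUT -j "$CHAIN" 2>/dev/null ||
          iptables -I INPUT -j "$CHAIN"; }
}

# Constructed sample list reusing the two addresses quoted in the post above.
sample_list() {
    printf '%s\n' '62.76.42.249' '62.76.43.166  # added by hand' \
        '62.76.43.166' '999.1.1.1' 'not-an-ip'
}

sample_list | build_ruleset   # dry run: prints the fragment, changes nothing
```

Rules loaded this way exist in iptables only, like the hand-added rule in the post, so they will not show in the Plesk Firewall list. Keeping the address list in a file and re-running apply_ruleset on it rebuilds the chain, for example after a reboot.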
 