
iptables and plesk

tantrileft

Guest
I want to block a LOT of countries with iptables.

I have to insert something like 3000 lines of iptables commands.

I tried manually with a bash script and iptables crashed. (Even if it had not crashed, it would have been useless, because Plesk would then have overwritten the tables.)

I have seen that Plesk stores all the data about the iptables rules in the MySQL db.

May I have a SQL script to insert the rules I want (3000 of them) into the MySQL psa db without having iptables crash and without any problem?

Is there not a way to use iptables-save/restore with Plesk iptables?

thanks

stefano
 
I'd just turn the psa firewall off then. It's really just a web GUI on the same thing, and can't really do anything particularly powerful with netfilter. I'm running around 30,000 rules on my systems, so I can definitely say it can handle that many (and more, all documented in my book).

Quick and dirty script to do what you want here:

1) make a file, list the networks or hosts you want to block. One per line. Call it: shunlist, put it in /etc/rc.d

2) The script, or function to add to your firewall script:

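#!/bin/sh
# File with one network or host to block per line
SHUNLIST=/etc/rc.d/shunlist

# Append a DROP rule to the INPUT chain for each entry
for i in `cat "$SHUNLIST"`; do
    iptables -A INPUT -s "$i" -j DROP
done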

And that's it
 
By "turning off" the psa firewall, do you mean removing the firewall module?
Would this have no effect on the standard iptables (not psa) on the machine?

thanks!!!

Originally posted by atomicturtle
I'd just turn the psa firewall off then. It's really just a web GUI on the same thing, and can't really do anything particularly powerful with netfilter. I'm running around 30,000 rules on my systems, so I can definitely say it can handle that many (and more, all documented in my book).

Quick and dirty script to do what you want here:

1) make a file, list the networks or hosts you want to block. One per line. Call it: shunlist, put it in /etc/rc.d

2) The script, or function to add to your firewall script:

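#!/bin/sh
# File with one network or host to block per line
SHUNLIST=/etc/rc.d/shunlist

# Append a DROP rule to the INPUT chain for each entry
for i in `cat "$SHUNLIST"`; do
    iptables -A INPUT -s "$i" -j DROP
done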

And that's it
 
Thanks. I was also thinking about another solution: inserting the rules directly in the psa database. But I see that the rules seem encrypted...

INSERT INTO `module_firewall_rules` (`id`, `configuration_id`, `direction`, `priority`, `object`) VALUES
(19, 1, 0, 0, 0x613a343a7b733a343a2274797065223b733a383a226361746368616c6c223b733a353a22636c617373223b733a383a226361746368616c6c223b733a393a22646972656374696f6e223b733a353a22696e707574223b733a363a22616374696f6e223b733a353a22616c6c6f77223b7d),


Is "object" the rule? How to encrypt it like that?
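Added example (not part of the original posts and not Plesk code): the `object` value in the INSERT above is a MySQL hex literal, and decoding it yields plain PHP `serialize()` text. The sketch below decodes it with a minimal parser for the N/b/i/s/a types only; the names `OBJECT_HEX`, `_parse` and `decode_object` are made up for this example.

```python
# Added example: a constructed decoder, not Plesk code.
# OBJECT_HEX is the `object` value from the INSERT statement in the post.
OBJECT_HEX = (
    "613a343a7b733a343a2274797065223b733a383a226361746368616c6c223b"
    "733a353a22636c617373223b733a383a226361746368616c6c223b"
    "733a393a22646972656374696f6e223b733a353a22696e707574223b"
    "733a363a22616374696f6e223b733a353a22616c6c6f77223b7d"
)

def _parse(buf, pos):
    """Parse one PHP-serialized value at buf[pos:]; return (value, next_pos)."""
    tag = buf[pos:pos + 1]
    if buf[pos:pos + 2] == b"N;":                 # N;  (null)
        return None, pos + 2
    if tag in (b"i", b"b"):                       # i:<int>;  b:<0|1>;
        end = buf.index(b";", pos)
        num = int(buf[pos + 2:end])
        return (bool(num) if tag == b"b" else num), end + 1
    if tag in (b"s", b"a"):                       # s:<len>:"...";  a:<n>:{...}
        colon = buf.index(b":", pos + 2)
        size, body = int(buf[pos + 2:colon]), colon + 2
        if tag == b"s":                           # length is in bytes
            end = body + size
            if buf[colon + 1:body] != b'"' or buf[end:end + 2] != b'";':
                raise ValueError("bad string framing at offset %d" % pos)
            return buf[body:end].decode("utf-8"), end + 2
        out, nxt = {}, body                       # array: <size> key/value pairs
        for _ in range(size):
            key, nxt = _parse(buf, nxt)
            out[key], nxt = _parse(buf, nxt)
        if buf[colon + 1:body] != b"{" or buf[nxt:nxt + 1] != b"}":
            raise ValueError("bad array framing at offset %d" % pos)
        return out, nxt + 1
    # Objects (O:) and any other tag are refused, never instantiated.
    raise ValueError("unsupported type tag %r at offset %d" % (tag, pos))

def decode_object(hex_literal):
    """Return (raw_bytes, parsed_value) for a MySQL 0x... hex literal."""
    digits = hex_literal[2:] if hex_literal[:2].lower() == "0x" else hex_literal
    raw = bytes.fromhex(digits)
    value, end = _parse(raw, 0)
    if end != len(raw):
        raise ValueError("trailing bytes after serialized value")
    return raw, value

if __name__ == "__main__":
    raw, rule = decode_object("0x" + OBJECT_HEX)
    print(raw.decode("utf-8"))
    print(rule)
```

The decoded row describes a rule of type `catchall` for direction `input` with action `allow`.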
 