Resolved Is it possible to make changes to Plesk Firewall from the command line?

[HHawk]

Hi all,

I am trying to learn how to setup a server from the command line, instead of by using the Plesk control panel.
So far, I can manage everything from the command line. Which will be a time-saver, except for one thing; the Plesk Firewall.

Is it possible to make visible changes in there as well? For example I want to enable the Plesk Firewall from the command line and add a Passive Port (49152-65534) rule as well to it.

I cannot seem to find any information on how to do this through SSH / command line...

Please advice. Thanks.

 

[IgorG]

Please look at this KB article How to manage Plesk firewall via CLI?

 

[HHawk]

Thanks IgorG...

Weird, I couldn't find that KB at all yesterday. I did actually search for it. Maybe I used the wrong search terms.
Anyways thank you!

 

[Kurt Ludikovsky]

Please look at this KB article How to manage Plesk firewall via CLI?

May I ask you to update this link as the link now gets us to the "OOPS"-page.
Thx.

 

[Peter Debik]

Sometimes old articles get replaced by more detailed, better articles. There is a new article on this topic. Does the section "Managing firewall rules via a command-line interface" in

https://support.plesk.com/hc/en-us/articles/115001078014-How-to-manage-local-firewall-rules-using-Plesk-Firewall-in-Plesk-for-Linux

deliver what you are seeking?

 

[Kurt Ludikovsky]

Sometimes old articles get replaced by more detailed, better articles. There is a new article on this topic. Does the section "Managing firewall rules via a command-line interface" in

https://support.plesk.com/hc/en-us/articles/115001078014-How-to-manage-local-firewall-rules-using-Plesk-Firewall-in-Plesk-for-Linux

deliver what you are seeking?

Unfortunately not.
but I found in the meantime a workable solution with /usr/local/psa/bin/modules/firewall/settings. There one can se the entries with multiple IP's. That all I need, as I can do the confirmation in Plesk then.

I will document my way as soon as Im done.
For those who need urgent solution simply SSH to your system and enter
/usr/local/psa/bin/modules/firewall/settings --help.
(Just be carefull there are some errorsin the description, as the --set-rule command is not positional und comma separated, but just whitespace separated and non-positional.
For updates of rules the id-Parameter can be located in the Firewall-URL in Plesk.

I will not use the --apply and --confirm commands but check my entries in Plesk and do the apply in Plesk (as my issue was just to avoid entering tens of IP's manually.
BTW: this is the link which brought me onto this track
https://www.plesk.com/kb/support/how-to-manage-local-firewall-rules-using-plesk-firewall-in-plesk-for-linux/

 

[Kurt Ludikovsky]

Ii have documented the procedure at superuser.com