Restrict connections to VDS, how?
There is a site on a VDS that is served through Cloudflare. I want to allow connections to the server only from my IP + the Cloudflare IP ranges (IPv4, IPv6), and close all other connections. How do I do it?
IP ranges:
https://www.cloudflare.com/ips/
Please give an example command.
Read up on iptables, and be sure to read up on ipset.
As an example:
Check that the ipset module is present:
modprobe ipt_set
If not, install it: apt-get install ipset
Create the list:
ipset -N accips iphash
The first is the name of the list, the second is the type of the list. The type can be found in man
Add the required IP:
ipset -A accips 8.8.8.8
Create the rule:
iptables -A INPUT -m set --set accips src -j ACCEPT
-m set - use the ipset module
--set accips - the IP list
src - check the source only
After all the necessary IPs have been specified, deny access:
iptables -P INPUT DROP
Why is ipset used? So as not to pile up a separate iptables rule for each IP, and to save resources.
As an option, read
linuxru.org/linux/324
PS In addition to all this, you need to make a basic firewall configuration. For example, do not block icmp, discard invalid packets (invalid), etc.
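An added example, not part of the answer above: the same ipset approach extended to whole ranges and to IPv6, using `hash:net` sets (which hold CIDR blocks, unlike a per-address hash) and the `--match-set` spelling of the option. The set names `allow4`/`allow6` and the sample addresses are constructed placeholders; the real ranges come from the Cloudflare page linked in the question.

```shell
#!/bin/sh
# Added example. Set names allow4/allow6 and the sample ranges are constructed.

# Constructed sample input: documentation ranges, not Cloudflare's real list.
sample_ranges() {
    printf '%s\n' '# admin IP' '198.51.100.7' '192.0.2.0/24' \
        '2001:db8::/32' 'not-an-ip'
}

# Print 4 or 6 for a syntactically plausible address/CIDR, else fail.
# Syntax check only: ipset itself still rejects out-of-range octets.
cidr_family() {
    case "$1" in ''|*[!0-9a-fA-F:./]*) return 1 ;; esac
    if printf '%s\n' "$1" | grep -Eq \
        '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$'; then
        echo 4
    elif printf '%s\n' "$1" | grep -Eq \
        '^[0-9a-fA-F:]*:[0-9a-fA-F:]*(/([0-9]|[1-9][0-9]|1[01][0-9]|12[0-8]))?$'; then
        echo 6
    else
        return 1
    fi
}

# stdin: one address or CIDR per line; stdout: input for `ipset restore`.
# hash:net holds whole ranges; IPv6 needs its own inet6 set.
gen_ipset() {
    echo 'create allow4 hash:net family inet'
    echo 'create allow6 hash:net family inet6'
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s' "${line%%#*}" | tr -d ' \t\r')
        [ -z "$line" ] && continue
        if fam=$(cidr_family "$line"); then
            echo "add allow$fam $line"
        else
            echo "skipped invalid entry: $line" >&2
        fi
    done
}

# $1 = iptables|ip6tables, $2 = set name, $3 = icmp|ipv6-icmp
gen_rules() {
    printf '%s\n' "$1 -A INPUT -i lo -j ACCEPT" \
        "$1 -A INPUT -m conntrack --ctstate INVALID -j DROP" \
        "$1 -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT" \
        "$1 -A INPUT -p $3 -j ACCEPT" \
        "$1 -A INPUT -m set --match-set $2 src -j ACCEPT" \
        "$1 -P INPUT DROP"
}
```

To apply, pipe the output of `gen_ipset` into `ipset restore` as root, then run the lines printed by `gen_rules iptables allow4 icmp` and `gen_rules ip6tables allow6 ipv6-icmp`; the DROP policy comes last so the allow rules are already in place when it takes effect.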