Knowledgebase

Set Firewall Rules from dashboard

With CloudFlow and CloudONE you can set firewall rules for the network interfaces of virtual servers. There are two types of firewall rule:

  • ACCEPT – defines the packets that will be accepted by the firewall
  • DROP – define the packets that will be rejected by the firewall

To configure a firewall rule:

  1. Go to your Control Panel's Virtual Servers menu.
  2. Click the label of the VS for which you want to configure a firewall rule.
  3. Click the Networking tab, then click Firewall.
  4. On the page that appears, set the following:
    1. Choose the network interface.
    2. Specify if the rule defines requests that should be accepted or dropped.
    3. Set the IP address for which this rule is active.
      • Leave the empty field to apply this rule to all IPs
      • Enter hyphen-separated IPs to apply the rule to an IP range (e.g. 192.168.1.1-192.168.1.10)
      • Enter the IPs with slash to apply the rule to CIDR (e.g. 192.168.1.1/24)
    4. Set the port for which this rule will is effective.
      • Leave the empty field to apply the rule to all ports
      • Enter colon-separated ports to apply the rule to a port range (e.g. 1024:1028)
      • Enter comma-separated ports to apply the rule to the list of ports (e.g. 80,443,21)
    5. Choose the protocol (TCP, UDP or ICMP).
  5. Save the rule. The rule will be saved in the UI, but the transaction won't be started until you click the Apply Firewall Rules button.
  6. To start the transaction which runs firewall rules for a VS, click Apply firewall rules button.
  7. Use Up and Down arrow buttons in the left column to change firewall rule position.

 

Example: the Int1 ACCEPT 122.158.111.21 22 TCP firewall rule means that the Int1 network interface will accept all requests and packets addressed from 122.158.111.21 using the TCP protocol on port 22.
The Int2 DROP 122.158.111.21 22 UDP firewall rule means that the Int2 network interface will reject all requests and packets from 122.158.111.21 using the UDP protocol on port 22. 
PLEASE NOTE: if you reboot a Xen-based VS from the console, the firewall rules for this VS will be lost, and you will need to update the firewall rules again.

  • 0 Users Found This Useful

Was this answer helpful?

Related Articles

DNS Anycast

Add domain to our anycast dns network is easy. First we need to add domain in our panel, as shown...

Add internal Network

In this tutorial we learn how to add internal network to our VM. Traffic trought internal network...

Add IPv6 Address

CloudFlow network is dual-stack and support ipv6. In this tutorial you can see how to add one or...