Firewall restrictions

nathan974 · Post by **nathan974** » Tue Sep 19, 2023 11:04 am

Good morning,
I'm working on the restriction in gargoyle in ssh and I need some advice because I'm struggling a bit.
Here's what I do:
-A egress_restrictions -p tcp -m WEBURL --contains Vultr Holdings, LLC --domain_only -j REJECT --reject-with tcp-reset
I place this rule in firewall.user but nothing happens. Any idea why??

Post by **Lantis** » Wed Sep 20, 2023 1:21 am

Is there any reason you’re not using the Gargoyle config file?
I don’t know what time the firewall.user file gets installed but it might be too early and the chains may not exist yet.

nathan974 · Post by **nathan974** » Wed Sep 20, 2023 3:04 am

Hi @Lantis,
I'm going back to school to get a degree as a network administrator so I'm trying to work on my SSH, Firewall, etc....
And since I have Gargoyle on hand I take advantage of it.

nathan974 · Post by **nathan974** » Wed Sep 20, 2023 3:14 am

In the gargoyle interface by applying the restrictions I can see that it adds a rule in:
etc/config/firewall

Post by **Lantis** » Wed Sep 20, 2023 5:56 am

The chains are very interdependent and certain gargoyle processes generate the necessary chains before setting up the restrictions.
I think it is best to stick with that method.

Besides, you’re using custom Gargoyle netfilter modules. You’re NEVER going to find those available on a real system. So it’s not a great syntax to learn.
If you’re interested sure keep looking, but I don’t know if it will help you practically.

Good luck on your study!

nathan974 · Post by **nathan974** » Wed Sep 20, 2023 12:14 pm

Thank @Lantis

nathan974 · Post by **nathan974** » Thu Sep 21, 2023 5:12 pm

Works very well

Gargoyle Forum

Firewall restrictions

Firewall restrictions

Re: Firewall restrictions

Re: Firewall restrictions

Re: Firewall restrictions

Re: Firewall restrictions

Re: Firewall restrictions

Re: Firewall restrictions