Firewall restrictions

Posted: Tue Sep 19, 2023 11:04 am
by nathan974
Good morning,
I'm working on the restriction in gargoyle in ssh and I need some advice because I'm struggling a bit.
Here's what I do:
-A egress_restrictions -p tcp -m WEBURL --contains Vultr Holdings, LLC --domain_only -j REJECT --reject-with tcp-reset
I place this rule in firewall.user but nothing happens. Any idea why??

Re: Firewall restrictions

Posted: Wed Sep 20, 2023 1:21 am
by Lantis
Is there any reason you’re not using the Gargoyle config file?
I don’t know what time the firewall.user file gets installed but it might be too early and the chains may not exist yet.
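The "chains may not exist yet" possibility raised in the reply above can be checked directly. This is an added example, not part of the thread and not Gargoyle's own code: it reports which chains a rule appends to that an `iptables-save` dump does not declare. The two dumps are constructed samples, and placing `egress_restrictions` in the filter table is an assumption.

```shell
#!/bin/sh
# Constructed iptables-save samples (not captured from a real router).
# EARLY models the moment before the restriction chains have been created.
SAMPLE_EARLY='*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT'

# LATE models the state after the chain exists and is hooked into FORWARD.
SAMPLE_LATE='*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
:egress_restrictions - [0:0]
-A FORWARD -j egress_restrictions
COMMIT'

# The rule from the thread, held as a string to inspect. It is never executed.
RULE='-A egress_restrictions -p tcp -m WEBURL --contains Vultr Holdings, LLC --domain_only -j REJECT --reject-with tcp-reset'

# chain_declared DUMP CHAIN
# Succeeds if DUMP has a ":CHAIN policy [counters]" declaration line.
chain_declared() {
    printf '%s\n' "$1" | awk -v c=":$2" '$1 == c { found = 1 } END { exit !found }'
}

# missing_chains DUMP RULES
# Prints every chain that RULES appends to (-A) or inserts into (-I)
# but that DUMP does not declare. Prints nothing when all chains exist.
missing_chains() {
    printf '%s\n' "$2" | awk '
        { for (i = 1; i < NF; i++) if ($i == "-A" || $i == "-I") print $(i + 1) }
    ' | sort -u | while read -r chain; do
        chain_declared "$1" "$chain" || printf '%s\n' "$chain"
    done
}

echo "missing before chains exist: $(missing_chains "$SAMPLE_EARLY" "$RULE")"
echo "missing after chains exist:  $(missing_chains "$SAMPLE_LATE" "$RULE")"
```

On a router, pass `"$(iptables-save)"` as the first argument at the point where the custom rules are loaded to see whether the target chain is present at that moment.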

Re: Firewall restrictions

Posted: Wed Sep 20, 2023 3:04 am
by nathan974
Hi @Lantis,
I'm going back to school to get a degree as a network administrator so I'm trying to work on my SSH, Firewall, etc....
And since I have Gargoyle on hand I take advantage of it.

Re: Firewall restrictions

Posted: Wed Sep 20, 2023 3:14 am
by nathan974
In the gargoyle interface by applying the restrictions I can see that it adds a rule in:
etc/config/firewall

Re: Firewall restrictions

Posted: Wed Sep 20, 2023 5:56 am
by Lantis
The chains are very interdependent and certain gargoyle processes generate the necessary chains before setting up the restrictions.
I think it is best to stick with that method.

Besides, you’re using custom Gargoyle netfilter modules. You’re NEVER going to find those available on a real system. So it’s not a great syntax to learn.
If you’re interested, sure, keep looking, but I don’t know if it will help you practically.

Good luck on your study!

Re: Firewall restrictions

Posted: Wed Sep 20, 2023 12:14 pm
by nathan974
Thanks @Lantis

Re: Firewall restrictions

Posted: Thu Sep 21, 2023 5:12 pm
by nathan974
Works very well ;) ;)