Do you have any suggestion on some systems that could manage iptables rules through web interface? I know webmin can do that. Is there any alternative?
Thanks
It's pretty simplistic, I think that alone makes it stable. Just not enough there to increase potential failures. I'm not sure about security though, for peace of mind I'd probably firewall off it's port to a handful of IPs.
@Raymii said: The core is. The modules sometimes crash, but that can also be because I run it on Arch Linux.
I can confirm it not just Arch. I have tried Centos and Debian they crash there as well. There is not development for it anymore and it is a shame really.
@natestamm said: get used to CLI iptables is invaluable IMHO but there are alternatives..
Yeah, and it's really not that bad. Learn what a chain is, the difference between insert and append, difference between accept, drop, or reject, how to target protocols and ports, you're pretty much done with iptables 101.
@jarland said: Yeah, and it's really not that bad. Learn what a chain is, the difference between insert and append, difference between accept, drop, or reject, how to target protocols and ports, you're pretty much done with iptables 101.
Well, it's shame that leaseweb's vm don't have out-of-band access. In case I made a mistake on firewall rule, I need to wait for their support team.
@dnwk said: Well, it's shame that leaseweb's vm don't have out-of-band access. In case I made a mistake on firewall rule, I need to wait for their support team.
That's a pretty darn fair point. Perhaps also be sure to keep a rule at the top of your input chain for a VPN or two.
Comments
I think Ajenti can do that.
Their interface looks beautiful. Is it stable?
It's pretty simplistic, I think that alone makes it stable. Just not enough there to increase potential failures. I'm not sure about security though, for peace of mind I'd probably firewall off it's port to a handful of IPs.
The core is. The modules sometimes crash, but that can also be because I run it on Arch Linux.
And, what is wrong with the command line?
I can confirm it not just Arch. I have tried Centos and Debian they crash there as well. There is not development for it anymore and it is a shame really.
here are some examples of GUI for iptables, both web and others
http://www.iptables.info/en/iptables-gui.html
@dnwk get used to CLI iptables is invaluable IMHO but there are alternatives..
Yeah, and it's really not that bad. Learn what a chain is, the difference between insert and append, difference between accept, drop, or reject, how to target protocols and ports, you're pretty much done with iptables 101.
Use CSF? They have a standalone web interface you can install.
Well, it's shame that leaseweb's vm don't have out-of-band access. In case I made a mistake on firewall rule, I need to wait for their support team.
That's a pretty darn fair point. Perhaps also be sure to keep a rule at the top of your input chain for a VPN or two.
You can configure iptables thru Webmin. Works fine.