Skip to content

add appliance firewall

Jump to bottom
Chris Ladd edited this page Oct 11, 2019 · 3 revisions

add appliance firewall

Usage

stack add appliance firewall {appliance ...} {action=string} {chain=string} {protocol=string} {service=string} [comment=string] [flags=string] [network=string] [output-network=string] [rulename=string] [table=string]

Description

Add a firewall rule for an appliance type.

Arguments

  • [appliance]

    Appliance type (e.g., "backend").

Parameters

  • [action=string]

  • [chain=string]

  • [protocol=string]

  • [service=string]

  • {comment=string}

  • {flags=string}

  • {network=string}

  • {output-network=string}

  • {rulename=string}

  • {table=string}

    The table to add the rule to. Valid values are 'filter', 'nat', 'mangle', and 'raw'. If this parameter is not specified, it defaults to 'filter'

Examples

  • stack add appliance firewall login network=private service="all" protocol="all" action="ACCEPT" chain="FORWARD"

    Accept all services and all protocols on the private network for the FORWARD chain. If 'eth0' is associated with the private network on a login appliance, then this will be translated as the following iptables rule: "-A FORWARD -i eth0 -j ACCEPT"

  • stack add appliance firewall login service="8649" protocol="udp" action="REJECT" chain="INPUT"

    Reject UDP packets with a destination port of 8649 on all networks for the INPUT chain. On login appliances, this will be translated into the following iptables rule: "-A INPUT -p udp --dport 8649 -j REJECT"

Checkout our Google Group or our Slack Team for any support or other questions.

Want to contribute to this Wiki? Fork it and send a pull request.

Home

Command Line Interface

Clone this wiki locally