We have a backup management application UI hosted on Nautilus's backup server in Stratos DC. That backup management application code is deployed under Apache on the backup server itself, and Nginx is running as a reverse proxy on the same server. Apache and Nginx ports are 8087 and 8091, respectively. We have iptables firewall installed on this server. Make the appropriate changes to fulfill the requirements mentioned below:
We want to open all incoming connections to Nginx's port and block all incoming connections to Apache's port. Also, make sure rules are permanent.
Sample Answer:
# log in to the backup server
ssh <user>@<server>
# switch to the root user
sudo su
# check the current iptables rules before making any changes
cat /etc/sysconfig/iptables
# run the commands below in a terminal (you MUST use the correct Nginx and Apache ports from your question)
iptables -A INPUT -p tcp --dport 8091 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp --dport 8087 -m conntrack --ctstate NEW -j REJECT
# to save the above entries, run the command below in a terminal
iptables-save > /etc/sysconfig/iptables
# verify (you should see your entries in the file)
cat /etc/sysconfig/iptables
Note: **The question was copied for learning purposes.** The commands are correct, but depending on your question the server, user name, and other details might differ, so please do check.
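iptables evaluates a chain from top to bottom and stops at the first matching rule, and `-A` appends at the end, so the two rules above only behave as intended if nothing earlier in INPUT already matches the same traffic. The script below is an added example, not part of the original answer: it models that first-match logic over two constructed iptables-save rulesets, one of which has a catch-all REJECT ahead of the appended rules. The rulesets and the `first_verdict` helper are assumptions for illustration.

```shell
#!/bin/sh
# Added example. The rulesets below are constructed samples in iptables-save format.
# Simplified model: exact --dport only; rules scoped by -i or -s are skipped.

# first_verdict PORT (ruleset on stdin): verdict for a NEW inbound TCP connection
first_verdict() {
  awk -v port="$1" '
    /^:INPUT / { policy = $2 }
    /^-A INPUT / {
      target = ""; dport = ""; proto = ""; states = ""; scoped = 0
      for (i = 3; i <= NF; i++) {
        if ($i == "-j") target = $(i + 1)
        else if ($i == "--dport") dport = $(i + 1)
        else if ($i == "-p") proto = $(i + 1)
        else if ($i == "--ctstate" || $i == "--state") states = $(i + 1)
        else if ($i == "-i" || $i == "-s") scoped = 1
      }
      if (target != "ACCEPT" && target != "REJECT" && target != "DROP") next
      if (scoped || (proto != "" && proto != "tcp")) next
      if (dport != "" && dport != port) next
      if (states != "" && states !~ /(^|,)NEW(,|$)/) next
      print target; found = 1; exit      # iptables stops at the first match
    }
    END { if (!found) print (policy != "" ? policy : "ACCEPT") }'
}

HEAD=':INPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT'
CATCHALL='-A INPUT -j REJECT --reject-with icmp-host-prohibited'
PAGE_RULES='-A INPUT -p tcp -m tcp --dport 8091 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 8087 -m conntrack --ctstate NEW -j REJECT --reject-with icmp-port-unreachable'

# Same rules, appended after an existing catch-all REJECT vs. placed ahead of it
APPENDED=$(printf '%s\n' "$HEAD" "$CATCHALL" "$PAGE_RULES")
AHEAD=$(printf '%s\n' "$HEAD" "$PAGE_RULES" "$CATCHALL")

for port in 8091 8087; do
  echo "appended port $port: $(printf '%s\n' "$APPENDED" | first_verdict "$port")"
  echo "ahead    port $port: $(printf '%s\n' "$AHEAD" | first_verdict "$port")"
done
```

To check a real server, feed it the saved file instead of the samples, for example `first_verdict 8091 < /etc/sysconfig/iptables`.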