How to quickly add a new firewall rule through SSH

isscbta
Team Member

In your SSH, as root, run:

Code:

sudo /usr/local/vesta/bin/v-add-firewall-rule 'ACCEPT/DROP' 'IP' 'PORT' 'TCP/UDP' 'Comment'

Example to open port 22 for IP address 123.123.123.123:

Code:

sudo /usr/local/vesta/bin/v-add-firewall-rule 'ACCEPT' '123.123.123.123' '22' 'TCP' 'My custom SSH rule'

Example to open port 8899 for the whole internet:

Code:

sudo /usr/local/vesta/bin/v-add-firewall-rule 'ACCEPT' '0.0.0.0/0' '8899' 'TCP' 'Rule for 8899 port'

kombajnik

Hi, is it possible to add a few IP addresses in one rule?
I remember that a few years ago in normal Vesta that was possible.
isscbta
Team Member

No, it's not. It is possible to add multiple ports on a single IP address, separated by commas. In case you need to quickly add multiple rules with different IP addresses, you can automate the process using bash:

In your SSH, as root, run:

Code:

mcedit add-multiple-firewall-rules.sh

Insert this code:

Code:

#!/bin/bash
# Replace the placeholders with real values, one line per IP address.
# Assumes /usr/local/vesta/bin is in PATH; otherwise use the full path as in the first post.
v-add-firewall-rule 'ACCEPT/DROP' 'IP1' 'PORT' 'TCP/UDP' 'Comment'
v-add-firewall-rule 'ACCEPT/DROP' 'IP2' 'PORT' 'TCP/UDP' 'Comment'
v-add-firewall-rule 'ACCEPT/DROP' 'IP3' 'PORT' 'TCP/UDP' 'Comment'
v-add-firewall-rule 'ACCEPT/DROP' 'IP4' 'PORT' 'TCP/UDP' 'Comment'

Save and exit. Then run:

Code:

chmod a+x add-multiple-firewall-rules.sh
./add-multiple-firewall-rules.sh
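
Added example, not part of the original posts: a variant of the script above that reads addresses from a list, rejects anything that is not a well-formed IPv4 address or CIDR range, and prints the resulting v-add-firewall-rule commands for review before anything is changed. The function names valid_ipv4 and add_rules, the DRY_RUN and VESTA_BIN variables, and the sample addresses are assumptions made for this example.

```bash
#!/bin/bash
# Added example, not from the thread. Dry run by default: set DRY_RUN=0 to
# execute the commands instead of printing them for review.
VESTA_BIN=${VESTA_BIN:-/usr/local/vesta/bin}   # path used in the first post

# valid_ipv4 ADDR: succeed only for a dotted-quad IPv4 address, optionally
# followed by a /0-32 prefix length.
valid_ipv4() {
    _addr=${1%%/*}
    case $1 in
        */*) _len=${1#*/}
             case $_len in ''|*[!0-9]*|???*) return 1 ;; esac
             [ "$_len" -le 32 ] || return 1 ;;
    esac
    case $_addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    _old=$IFS; IFS=.; set -- $_addr; IFS=$_old
    [ $# -eq 4 ] || return 1
    for _o in "$@"; do
        case $_o in ????*) return 1 ;; esac
        [ "$_o" -le 255 ] || return 1
    done
}

# add_rules ACTION PORT PROTOCOL COMMENT: read one address per line from
# stdin (blank lines and #-comments ignored); return 1 if any line was
# skipped or any command failed.
add_rules() {
    _rc=0
    while read -r _ip || [ -n "$_ip" ]; do
        case $_ip in ''|'#'*) continue ;; esac
        if ! valid_ipv4 "$_ip"; then
            echo "skipped invalid address: $_ip" >&2
            _rc=1
            continue
        fi
        if [ "${DRY_RUN:-1}" = 1 ]; then
            printf "%s/v-add-firewall-rule '%s' '%s' '%s' '%s' '%s'\n" "$VESTA_BIN" "$1" "$_ip" "$2" "$3" "$4"
        else
            "$VESTA_BIN/v-add-firewall-rule" "$1" "$_ip" "$2" "$3" "$4" </dev/null || _rc=1
        fi
    done
    return "$_rc"
}

# Constructed sample list (documentation address ranges); the last entry is a typo.
printf '%s\n' 203.0.113.10 198.51.100.0/24 203.0.113.300 |
    add_rules ACCEPT 22 TCP 'Office SSH' || echo "list needs fixing" >&2
```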