Search results

I understand, thank you for the detailed explanation. Then, for do it with FWCloud you need: Feature for create you own chains. Allow the use of custom chains in the actions column. Is it correct or do you need something more?

Hi, At this moment it is not possible to create your own policy chains. The FWCloud IPTables/NFTables compiler generates the required custom chains for every rule you create using the FWCloud user interface, but you can not create your own custom chains. Yes, it is a feature included in our...

Hi Alasdair, At this moment you can do it using the feature that we have called hook scripts at the rule level. If you edit the the rule options, you can add shell script code that will be executed before or after the rule loading. Then you can do something like this: In the future we will...

You are welcome!

Simply right mouse button clic over the TCP node of the services tree and create a new TCP service.

The purpose of this rule is to catch all the traffic don't caught by the previous rules. The default action is deny it, but you can change this default action if you want. But have in mind that if you allow all traffic in this rule it is possible that you are allowing not desired traffic in your...

Look at this error log: It is mandatory that you put something in the Translated Source column. Can you revise it?

You have to drag the http service from the services tree (you can use the search box for find it quickly) and drop it into the services column. Then select the action that you want to do with the traffic that matches your rule. Regarding the fwcloud.sh script error, can you attach the script...

You can create a new network interface by means of the drop down menu that appears when you clic with the right mouse button over the Interfaces node of your firewall: Then you can use this interface in any policy rule with drag and drop. If you don't want to create the interfaces manually...

Hi Prermkuma, Policy load is done by means of SSH protocol. Then, SSH access from FWCloud console to the destination firewall is required. Here you can see a video tutorial about firewall/cluster configuration, including the SSH setup. For firewalls outside your network it is advisable to use...

FWCloud meets this requirement. You can create clusters of any number of nodes all with the same IPTables/NFTables policy. Even you have the option of apply one policy rule to only one node instead of applying it to all nodes (default action). In a firewalls cluster all node share the same...

Hi, I think that you can manage this very easy with FWCloud, but it would be great if you give us more detailed information about what you want to do. Please, may you give us more information? Thank you.

Great! You are welcome. If you have any further questions, do not hesitate to contact us.

Hi Premkumar, As you have informed us in another e-mail sent to info@fwcloud.net, the process has completed with this end message: Have you seen the warning message: You have to enable the port 3030 in your firewalld setup. You can see here documentation about how to do it. Regarding your...

Not at this moment. But we have in our roadmap a full audit log that will allow things like this.

Hi, It is a great idea, thank you! At this moment you can add these security blocks manually by means of the hook scripts feature. But for simplicity we will add a new section in the firewall setup for manage these security options and generate special rules for them. I think we can add...

Thank you very much for your comments! :-) We are doing our best for improve FWCloud day by day. The next release that we will launch in June will have new amazing features like NFTables compiler and advanced routing management. Best regards.

Hi, Then, your problem is solved, is it correct?

Yes, you can add the hook script before or after any rule of your policy.

At this moment it is not possible the use of the limit module using the FWCloud user interface, but we will include this feature in a future release. But you can use the hook scripts feature for it: