Did Deny port 80 from fwcloud, Exported but port 80 still accessible | FWCloud Forum

Did Deny port 80 from fwcloud, Exported but port 80 still accessible

premkumar

New member
Hi Forum,
I have disabled (Deny) port 80 from the fwcloud firewall of a Linux server, So that noone can access port 80 from anywhere
Have pushed the settings to the Linux server by export / Install / compile all
But the http pf the linux host still continues to be accessible, What is wrong happening here
Thanks & Regards,
Premkumar Waghmare
 

Attachments

Last edited:

Carles Munyoz

Administrator
Staff member
Hi Prermkuma,
Policy load is done by means of SSH protocol. Then, SSH access from FWCloud console to the destination firewall is required.

Here you can see a video tutorial about firewall/cluster configuration, including the SSH setup.

For firewalls outside your network it is advisable to use management VPNs as explained it this video tutorial.

And here you can see another one for compiling and installing policy security:

Greetings.
 

premkumar

New member
Hi Carles,
How Can I add another network interface as by default it is taking vibr0 It should take ensp08
I dont see any option to select the network interface ensp08
 

Attachments

  • enp08.PNG (103.8 KB)
    File size
    103.8 KB
    Download
    1

Carles Munyoz

Administrator
Staff member
You can create a new network interface by means of the drop down menu that appears when you clic with the right mouse button over the Interfaces node of your firewall:
Captura de pantalla 2021-06-22 a las 11.06.51.png

Then you can use this interface in any policy rule with drag and drop.

If you don't want to create the interfaces manually you can use the auto discover feature as explained in this video tutorial.

You can even use our import wizard for import existing IPTables firewalls.
 

premkumar

New member
Not getting port 80 or service httpd option so that it can be reject or Deny
Please excuse me for my queries as first time I am working on Firewalls
Attaching snap shot

Observing below error


    • [17:43:35] - ERROR: Error: STDOUT:
    • [17:43:35] - ./fwcloud.sh: line 222: syntax error: unexpected end of file
    • [17:43:35] -
    • [17:43:35] - STDERR:
    • [17:43:35] - Error in installation of cluster 1 - firewall 12 (192.168.56.106): {"message":"STDOUT: \n./fwcloud.sh: line 222: syntax error: unexpected end of file\r\n\n\nSTDERR: \n"}
 

Attachments

Last edited:

Carles Munyoz

Administrator
Staff member
You have to drag the http service from the services tree (you can use the search box for find it quickly) and drop it into the services column. Then select the action that you want to do with the traffic that matches your rule.

Regarding the fwcloud.sh script error, can you attach the script for analyze it and see where is the problem?
 

premkumar

New member
Hi Carl
The problem is the default rule at INPUT which is the last rule
Any Any Catch-all rule which is causing the total deny and total accept
Not able to delete this rule or move the rule
Adding the Snapshot for reference
 

Attachments

  • Any.PNG (106.9 KB)
    File size
    106.9 KB
    Download
    1

Carles Munyoz

Administrator
Staff member
The purpose of this rule is to catch all the traffic don't caught by the previous rules.
The default action is deny it, but you can change this default action if you want.
But have in mind that if you allow all traffic in this rule it is possible that you are allowing not desired traffic in your firewall.
 
Top