VPS firewall

ChatIndia

Community Advocate
Community Support
Messages
1,408
Reaction score
30
Points
48
do you know how to install a firewall on ubuntu 13.04 server and configure it to block ougoing connections for certain applications?
 

lysharia

New Member
Messages
17
Reaction score
0
Points
1
That depends on whether or not you're using a control panel or not within the server itself.

We'd need to know more in order to be able to help you.
 

pornophobic

Member
Messages
32
Reaction score
1
Points
8
You won't find an answer to your question, sadly. That's just because there aren't many solutions to what you're looking for because there aren't many reasons to have it on Linux.
There are some options that I can think of:

1. Uninstall the application that is connecting to the internet when you don't want it to.
2. If you know the hostname(s) of where this application is trying to connect, enter those hostnames as 127.0.0.1 in your /etc/hosts
3. Enable SELinux and change the policy for the said application(s).
4. Use iptables to block connections on the protocol it is using (not a good idea if it is http or any other needed protocol) in a rule based on the user running the process. OR use netstat to find the ips your unwanted connections are going and block any outgoing connections to those IPs.
5. Grab the source for the 'offending' software and patch it
6. As lysharia mentioned, if you are using a control panel there may be some settings to do that sort of thing. I don't know of any control panels that do this, but it is possible.
6. Disconnect from the internet altogether.

But you won't have much luck in finding many people who know how to install any firewalls with application based rules because there really aren't any.
 

Dead-i

x10Hosting Support Ninja
Community Support
Messages
6,084
Reaction score
367
Points
83
You could install CSF, as I think it's compatible with Ubuntu Server:
http://configserver.com/cp/csf.html

Once installed, in the configuration you can define which ports you want to whitelist.
 

Skizzerz

Contributors
Staff member
Contributors
Messages
2,929
Reaction score
118
Points
63
If the applications are running under their own users, you can direct outgoing packets from those uids to their own iptables chains where you can then apply different rulesets from your main OUTPUT chain.

for example, let's say you want to restrict www-data (which apache runs as) and postfix
Code:
(you'll need to either prefix all of these with "sudo" or run as root)
iptables -N APACHE
iptables -N POSTFIX
iptables -A OUTPUT -m owner --uid-owner www-data -j APACHE
iptables -A OUTPUT -m owner --uid-owner postfix -j POSTFIX
# allow apache to connect outbound on ports 80 (tcp), 443 (tcp), and 53 (udp) but no others
iptables -A APACHE -p tcp --dport 80 -j ACCEPT
iptables -A APACHE -p tcp --dport 443 -j ACCEPT
iptables -A APACHE -p udp --dport 53 -j ACCEPT
iptables -A APACHE -j DROP
# allow postfix to connect out on 25 (tcp)
iptables -A POSTFIX -p tcp --dport 25 -j ACCEPT
iptables -A POSTFIX -j DROP
 

interne3

Member
Messages
135
Reaction score
2
Points
18
Although I am not a VPS User, I have managed a site before on my own Ubuntu Server, and used ShoreWall Firewall. I need to do that again sometime.

"sudo aptitude install shorewall"
 
Top