Knowledgebase: SolarCloud VPS
How do I manage the Firewall for my VMs?
Posted by Support, Last modified by Support on 01 September 2011 10:41 AM
Firewall Rules

With the SolarCloud system you can set firewall rules for the network interfaces of virtual machines. There are two types of firewall rules:

ACCEPT – defines the requests and types of packets which will be accepted by a firewall

DROP – specifies the requests and packets which will be rejected by a firewall

How to create a firewall rule:
To configure a firewall rule:
  1. Go to your Control Panel’s Virtual Machines menu.
  2. Click the label of the machine to which you want to configure a firewall rule.
  3. Click the Networking -> Firewall tab.
  4. On the page that appears set the following:
    • Choose the network interface.
    • Specify if the rule defines requests that should be accepted or dropped.
    • Set the IP address for which this rule is active.
      • Leave the empty field to apply this rule to all IPs
      • Enter hyphen-separated IPs to apply the rule to an IP range (e.g. 192.168.1.1-192.168.1.10)
      • Enter the IPs with slash to apply the rule to CIDR (e.g. 192.168.1.1/24)

    • Set the port for which this rule is effective.
      • Leave the empty field to apply the rule to all ports
      • Enter colon-separated ports to apply the rule to a port range (e.g. 1024:1028)
      • Enter comma-separated ports to apply the rule to the list of ports (e.g. 80,443,21)

    • Choose the protocol (TCP or UDP).
  5. Save the rule.

The eth0 ACCEPT 122.158.111.21 22 TCP firewall rule means that the eth0 network interface will accept all the requests and packets addressed from a 122.158.111.21 IP using TCP protocol on a 22 port.

The eth1 DROP 122.158.111.21 22 UDP firewall rule means that the eth1 network interface will reject all the requests and packets running from a 122.158.111.21 IP using TCP protocol on a 22 port.

Because some rules can override each other, it is important to set the order in which they are processed. Use the up/down arrows next to a rule to set priority.

How to view/edit/delete firewall rules:
To view details, edit or delete an existing firewall rule:
  1. Go to your Control Panel’s Virtual Machines menu.
  2. Click the label of the machine to which you want to configure a firewall rule.
  3. Click the Networking -> Firewall tab.
  4. On the page that appears you’ll see the list of all the rules with their details:
    • Click the Edit icon next to a rule to edit its parameters.
    • To delete a rule from a VM, click the Delete icon next to a rule and confirm.

How to set a default firewall rule:
SolarCloud allows setting default firewall rules which will be applied to all IP addresses with all ports for all protocols. To set default firewall rules:
  1. Go to your Control Panel’s Virtual Machines menu.
  2. Click the label of the machine to which you want to configure a firewall rule.
  3. Click the Networking -> Firewall tab.
  4. On the page that appears scroll down to the Default Firewall Rules section and set the following:
    • Choose the interface for which you define a rule.
    • Define a rule (Accept or Drop).
If you choose the network interface eth0 with the ACCEPT rule, it means that firewall set to eth0 network interface will accept all the requests and packet types from all IPs. If you define the eth1 network interface with the DROP rule, the firewall of the eth1 will block all the requests and packets addressed to it.
(151 vote(s))
Helpful
Not helpful

Comments (0)