Is there a recommended way to add more advanced firewall rules to a standard ISPconfig3 system? For example in some cases I'd like to close port X with exceptions for some allowed IPs. Is there a recommended way to add such custom rules without ISPconfig 3 overwriting them?
Please see here: http://www.howtoforge.com/forums/showthread.php?t=6209 I guess it should work for ispconfig 3 as well, as the firewall script is the same then the one used in ispconfig 2.
It's been a long time since I used ispconfig but I'm impressed with the new version 3. And after a search for this very topic I came across this thread. Might I suggest that this ability be added to the control panel itself? The reason I'm asking is because I want to lock out any access to SSH except for my IP address. However, my IP address is dynamic so without the ability to change the IP from within the control panel I would never have the ability to access the server via SSH when my IP changes. It would also allow for quick banning of problematic IP's from the server. Without looking at the code, I would imagine this would just be two added fields, IP address and a boolean allow/deny field.
A new firwall system has already been written and will be published in 3.0.5. Please see roadmap: http://bugtracker.ispconfig.org/index.php?do=index&tasks=&project=3&due=45&status[]=
