Zabbix, opening firewall port
-
Hello folks,
I'm using for all of my infrastructure Zabbix - an open-source software tool to monitor infrastructure.
There is a Zabbix-server that functions as a web-dashboard, and a Zabbix-agent that you can install on anything like (Windows server, Linux distros, Networking products, Management of Servers). However, Zabbix-agent to function properly requires opening TCP/10050 port on clients.
I know Cloudron does not recommend messing with the firewall, but just for this application, I would like to open this port. Also, this app is not in the app store so this is my only alternative.Is there a recommended way, or can you provide more information what is the best practice to open a specific port in cloudron instance?
In one thread on this forum, somebody linked to this config file: https://git.cloudron.io/cloudron/box/-/blob/master/setup/start/cloudron-firewall.sh. However, I'm not sure if this is recommended practice, and even after some cloudron update, this file could be overwritten.I would like simple rule, either in IPTABLES or UFW:
IP Tables:
iptables -A INPUT -s <MY_PUBLIC_IP_WHERE_IS_ZABBIX_SERVER_RUNNING>/32 -p tcp -m tcp --dport 10050 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 10050 -j DROPUFW: sudo ufw allow from <MY_PUBLIC_IP_WHERE_IS_ZABBIX_SERVER_RUNNING> proto tcp to any port 10050
I believe this is not that hard, I'm just looking for some "recommended practices"
Thanks, Guys
-
Hello folks,
I'm using for all of my infrastructure Zabbix - an open-source software tool to monitor infrastructure.
There is a Zabbix-server that functions as a web-dashboard, and a Zabbix-agent that you can install on anything like (Windows server, Linux distros, Networking products, Management of Servers). However, Zabbix-agent to function properly requires opening TCP/10050 port on clients.
I know Cloudron does not recommend messing with the firewall, but just for this application, I would like to open this port. Also, this app is not in the app store so this is my only alternative.Is there a recommended way, or can you provide more information what is the best practice to open a specific port in cloudron instance?
In one thread on this forum, somebody linked to this config file: https://git.cloudron.io/cloudron/box/-/blob/master/setup/start/cloudron-firewall.sh. However, I'm not sure if this is recommended practice, and even after some cloudron update, this file could be overwritten.I would like simple rule, either in IPTABLES or UFW:
IP Tables:
iptables -A INPUT -s <MY_PUBLIC_IP_WHERE_IS_ZABBIX_SERVER_RUNNING>/32 -p tcp -m tcp --dport 10050 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 10050 -j DROPUFW: sudo ufw allow from <MY_PUBLIC_IP_WHERE_IS_ZABBIX_SERVER_RUNNING> proto tcp to any port 10050
I believe this is not that hard, I'm just looking for some "recommended practices"
Thanks, Guys@bigvictorio I think you want https://docs.cloudron.io/networking/#whitelist-ports ?
-
@girish already found it in documentation but thanks
Whitelisted that port and its working.
Yeah, i'm using preshared key as a token.
However, are they any alternatives? If i want more complex firewall? -
G girish marked this topic as a question on
-
G girish has marked this topic as solved on
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login