Zabbix, opening firewall port
-
Hello folks,
I'm using for all of my infrastructure Zabbix - an open-source software tool to monitor infrastructure.
There is a Zabbix-server that functions as a web-dashboard, and a Zabbix-agent that you can install on anything like (Windows server, Linux distros, Networking products, Management of Servers). However, Zabbix-agent to function properly requires opening TCP/10050 port on clients.
I know Cloudron does not recommend messing with the firewall, but just for this application, I would like to open this port. Also, this app is not in the app store so this is my only alternative.Is there a recommended way, or can you provide more information what is the best practice to open a specific port in cloudron instance?
In one thread on this forum, somebody linked to this config file: https://git.cloudron.io/cloudron/box/-/blob/master/setup/start/cloudron-firewall.sh. However, I'm not sure if this is recommended practice, and even after some cloudron update, this file could be overwritten.I would like simple rule, either in IPTABLES or UFW:
IP Tables:
iptables -A INPUT -s <MY_PUBLIC_IP_WHERE_IS_ZABBIX_SERVER_RUNNING>/32 -p tcp -m tcp --dport 10050 -j ACCEPT
iptables -A INPUT -p tcp -m tcp --dport 10050 -j DROPUFW: sudo ufw allow from <MY_PUBLIC_IP_WHERE_IS_ZABBIX_SERVER_RUNNING> proto tcp to any port 10050
I believe this is not that hard, I'm just looking for some "recommended practices"
Thanks, Guys
-
@bigvictorio I think you want https://docs.cloudron.io/networking/#whitelist-ports ?
-
@girish already found it in documentation but thanks
Whitelisted that port and its working.
Yeah, i'm using preshared key as a token.
However, are they any alternatives? If i want more complex firewall? -
@bigvictorio At this point, no. But feel free to open feature requests and we can add firewall features as needed.
-
G girish marked this topic as a question on
-
G girish has marked this topic as solved on
