Hi, I would need to whitelist incoming traffic from certain IP ranges and block all other traffic. Reading through documentation and forum, the recommended approach is configuring the security group of the server and not iptables directly. However, in our setup there is no separat security group by the cloud provider that could be configured, it is a dedicated server.
What is the recommended approach by Cloudron to configure iptables so that Cloudron won't override those changes to iptables?
Best posts made by justjulian
-
Make iptables changes persistent
Latest posts made by justjulian
-
RE: Make iptables changes persistent
Thanks @girish much appreciated.
That is unfortunately the answer I expected after reading similar posts here.I am using something similar to Clouflare, however, as with all those services, that whitelisting can be easily bypassed.
I would just need to set up a local resolver rule for my Cloudron domain and my request to Cloudron never passes through Cloudflare but reaches Cloudron directly without any filtering.I am also not a huge fan of IP based access restriction and would also prefer to see access restriction based on for example Wireguard, as you suggested.
When it comes to Wireguard I am using this great project here to configure and maintain a Wireguard server:
https://github.com/trailofbits/algo
How could an integration with Wireguard look like? Would one add a list of Wireguard user to the Cloudron settings or what would you suggest? -
Make iptables changes persistent
Hi, I would need to whitelist incoming traffic from certain IP ranges and block all other traffic. Reading through documentation and forum, the recommended approach is configuring the security group of the server and not iptables directly. However, in our setup there is no separat security group by the cloud provider that could be configured, it is a dedicated server.
What is the recommended approach by Cloudron to configure iptables so that Cloudron won't override those changes to iptables?