How to use the integrated firewall on a VPS LXC ?

The VPS LXC offer allows you to benefit from a firewall integrated directly into our panel, this allows you to create rules without the risk of locking yourself out of your server with a wrong command.

First you need to access the management panel of your VPS LXC and then click on the Firewall tab in the Additional Tools sub-menu:

It then appears all the firewall rules you already have for your VPS, if you don't have them the list is empty:

To set up a new rule just click on Add and answer these few questions:

• Direction : in or out
  
  | Does your rule concern an incoming or outgoing flow from your VPS?
  
• Action : accept, drop or reject
  
  | In most cases if you want to accept a feed you have to choose accept, if you want to refuse it it is better to choose drop or reject.
  
  || In both cases drop or reject allows to block an incoming connection. The drop function allows you to prohibit a stream without sending any response to the sender, the reject function allows you to notify the sender of the rejection of his stream.
  
• Interface : venet or net0 
  
  ||| For the flow outside your VPS you have to choose net0
  
• Source: IP or source CIDR block (Example: 192.168.1.1 or 192.168.0.0/24)
• Destination: IP or CIDR block destination (Example: 192.168.1.1 or 192.168.0.0/24)
• Macro: Allows to choose a port from a known list
• Protocol: protocol of the connection to be blocked (Leave blank for all)
• Source port: Source port
• Destination port: Port of destination
• Comment : To easily find your way around

Then click on Add to add the rule to your firewall.

Example of a rule 

Protect the SSH access of its VPS :

• Direction: In
• Action: DROP
• Interface: net0
• Source: 0.0.0.0/0
• Destination port: 22
• Protocol: TCP

Updated on: 17/10/2022