How to secure your XenServer with Iptables

Posted on April 19, 2014 at 3:02 pm

We will restrict ports 22, 80 and 443 so that only your IP address can connect to them.

Edit the iptables file located here:

vi /etc/sysconfig/iptables

Change these lines:

-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT

To these new lines:

-A RH-Firewall-1-INPUT -m state --state NEW -s YOUR_IP_ADDRESS_GOES_HERE -m tcp -p tcp --dport 22 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -s YOUR_IP_ADDRESS_GOES_HERE -m tcp -p tcp --dport 80 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -s YOUR_IP_ADDRESS_GOES_HERE -m tcp -p tcp --dport 443 -j ACCEPT

Restart the iptables service:

service iptables restart

Check the status of the iptables service:

service iptables status
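The same edit can be scripted so the source address is checked and the old rules are backed up before the file changes. This is an added example, not part of the original post; the function names and the sample address 203.0.113.10 are assumptions.

```bash
#!/bin/bash
# Added example (not from the original post). Function names are hypothetical.

# valid_ipv4 ADDR: succeed only for a dotted quad (octets 0-255), optional /1-32.
valid_ipv4() {
    printf '%s\n' "$1" | awk -F'[./]' '
        NR > 1 || !/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+(\/[0-9]+)?$/ { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i > 255) exit 1
          if (NF == 5 && ($5 < 1 || $5 > 32)) exit 1 }'
}

# restrict_ports FILE ADDR: print FILE with "-s ADDR" added to the NEW-state
# ACCEPT rules for ports 22, 80 and 443. Rules that already carry a -s match
# are left alone, so running it twice does not stack source matches.
restrict_ports() {
    file=$1 ip=$2
    valid_ipv4 "$ip" || { echo "invalid source address: $ip" >&2; return 1; }
    awk -v ip="$ip" '
        /^-A RH-Firewall-1-INPUT / && / --dport (22|80|443) -j ACCEPT$/ && !/ -s / {
            sub(/--state NEW /, "--state NEW -s " ip " ")
        }
        { print }' "$file"
}

# apply_restriction FILE ADDR: back FILE up to FILE.bak, then rewrite it in place.
apply_restriction() {
    file=$1 ip=$2
    tmp=$(mktemp) || return 1
    restrict_ports "$file" "$ip" > "$tmp" || { rm -f "$tmp"; return 1; }
    # cat into the existing file keeps its owner, mode and SELinux context
    cp -p "$file" "$file.bak" && cat "$tmp" > "$file"; rc=$?
    rm -f "$tmp"
    return $rc
}

# Usage on the host (203.0.113.10 is a documentation address, replace it):
#   apply_restriction /etc/sysconfig/iptables 203.0.113.10 && service iptables restart
```

Keep your current SSH session open until a new connection from the allowed address succeeds; the previous rules are saved in /etc/sysconfig/iptables.bak.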

Updated on November 19, 2016 at 12:05 pm
