This shows you the differences between two versions of the page.
hardware_-_firewall_rules [10/09/2019 02:35] – gfactor | hardware_-_firewall_rules [02/20/2023 19:08] (current) – code formatting quickmythril | ||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== === Netfilter Tutorial - How To Secure Your QORT Router and Network Devices Connected To It === | + | ====== Netfilter Tutorial - How To Secure Your Qortal |
\\ ====== | \\ ====== | ||
Line 5: | Line 5: | ||
Iptables Linux firewall is used to monitor incoming and outgoing traffic to a computer and filter it based on user-defined rules to prevent anyone from accessing the computer or IP masqueraded devices. Using iptables you can define rules which will allow only selective traffic on your computer or the router itself. | Iptables Linux firewall is used to monitor incoming and outgoing traffic to a computer and filter it based on user-defined rules to prevent anyone from accessing the computer or IP masqueraded devices. Using iptables you can define rules which will allow only selective traffic on your computer or the router itself. | ||
- | ===== ==What You Will Need== ===== | + | ===== What You Will Need ===== |
Before you begin with Iptables tutorial, you will need the following: | Before you begin with Iptables tutorial, you will need the following: | ||
Line 11: | Line 11: | ||
A local machine with SSH client installed. Putty [[https:// | A local machine with SSH client installed. Putty [[https:// | ||
- | ===== ==Understand The Basics== ===== | + | ===== Understand The Basics ===== |
Line 26: | Line 26: | ||
{{ : | {{ : | ||
- | ===== == The Only Few Commands You Will Ever Need == ===== | + | ===== The Only Few Commands You Will Ever Need ===== |
- | This section assumes that you are already SSH'ed into the QORT router. Look at Getting Started [[hardware_-_getting_started|Getting Started]] | + | This section assumes that you are already SSH'ed into the Qortal |
* iptables -L -v (list current firewall rules) \\ | * iptables -L -v (list current firewall rules) \\ | ||
* iptables -F (flush all rules) \\ | * iptables -F (flush all rules) \\ | ||
- | * iptables-save > / | + | * iptables-save > / |
- | ===== == Adding Your Firewall Rules == ===== | + | ===== Adding Your Firewall Rules ===== |
- | These rules are copy and paste. Simply paste them at the QORT terminal via SSH and save. \\ | + | These rules are copy and paste. Simply paste them at the Qortal |
//**Block outgoing port:**// / | //**Block outgoing port:**// / | ||
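Review bot: The command list in this hunk keeps `iptables -F (flush all rules)` with no caveat, while the paragraph below it tells readers to paste rules into an SSH session and save. Flushing deletes the rules but leaves each chain's default policy in place, so on a chain whose policy is DROP it cuts the SSH session, and on a chain whose policy is ACCEPT it leaves the router unfiltered until rules are added again. Suggest saying so next to the -F bullet, and telling readers to run `iptables -L -v` after pasting to confirm the result before they run `iptables-save`.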
Line 48: | Line 48: | ||
//**Block Outoing DNS**// / | //**Block Outoing DNS**// / | ||
- | //**Block incoming port:**// / | + | //**Block incoming port:**// / |
Examples: \\ | Examples: \\ | ||
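Review bot: The unchanged label `Block Outoing DNS` at the top of this hunk still has the typo and should read "Block Outgoing DNS". This revision is described as a code formatting pass and already touches the next line, so the fix belongs here.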
Line 54: | Line 54: | ||
//**Block HTTP**// / | //**Block HTTP**// / | ||
//**Block HTTPS**// / | //**Block HTTPS**// / | ||
+ | //**Block HTTPS**// / | ||
- | ==== == Monitoring Traffic Flow on Router | + | ==== Monitoring Traffic Flow on Router ==== |
- | It is fairly simple to view what is happening on the router. The pre-installed utility " | + | It is fairly simple to view what is happening on the router. The pre-installed utility " |
// | // | ||
// \\ | // \\ | ||
- | Note that port 53 is used for DNS queries. If you want to see the web site traffic, replace it with port 80. | + | Note that port 53 is used for DNS queries. If you want to see the web site traffic, replace it with port 80. \\ |
- | ==== == Monitoring Tor Flow on Router == ===== | + | Example for more custom firewall rules, traffic monitoring can be obtained from official Discord. |
+ | ==== Monitoring Tor Flow on Router ===== | ||
- | The QORT Router comes ready with your own Tor dedicated gateway. You can use it for all types of internet traffic on the router itself and on connected devices such as browsers, QT wallets, Torrents for safety and privacy which is a big deal these days.\\ | + | |
+ | |||
+ | The Qortal | ||
{{ : | {{ : | ||
For details on Tor access and it's utilization for connected, head over to [[hardware_-_service_access|Service Access]] | For details on Tor access and it's utilization for connected, head over to [[hardware_-_service_access|Service Access]] |
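Review bot: The added line in the examples repeats the label `Block HTTPS` that the line directly above already carries, so the list now has two entries with the same name. If the new rule differs (another port or direction) the label should say so, otherwise drop it. The new heading `==== Monitoring Tor Flow on Router =====` opens with four `=` and closes with five; make the markers match, as `==== Monitoring Traffic Flow on Router ====` does. The added sentence that sends readers to the "official Discord" for more rules gives no link, and would be easier to follow with one.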