Qortal Project

The future of blockchain platforms

hardware_-_firewall_rules

Differences

This shows you the differences between two versions of the page.

hardware_-_firewall_rules [10/26/2019 01:27] dmaxhardware_-_firewall_rules [02/20/2023 19:08] (current) – code formatting quickmythril
Line 1: Line 1:
-====== Netfilter Tutorial -  How To Secure Your QORT Router and Network Devices Connected To It ===+====== Netfilter Tutorial -  How To Secure Your Qortal Router and Network Devices Connected To It ===
 \\ ====== \\ ======
  
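Review bot: The heading markup is still unbalanced on the new side of this hunk: the line opens with "======" but ends with "===", and a stray "\\ ======" sits on the following line. Since the line is already being touched for the QORT to Qortal rename, close the heading with "======" on the same line, remove the leftover "\\ ======", and drop the doubled space after "Tutorial -".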
Line 29: Line 29:
  
  
-This section assumes that you are already SSH'ed into the QORT router. Look at Getting Started [[hardware_-_getting_started|Getting Started]]+This section assumes that you are already SSH'ed into the Qortal router. Look at Getting Started [[hardware_-_getting_started|Getting Started]]
  
 * iptables -L -v (list current firewall rules) \\ * iptables -L -v (list current firewall rules) \\
 * iptables -F (flush all rules) \\ * iptables -F (flush all rules) \\
-* iptables-save > /etc/iptables.rules (saves your custom rules) OR you can edit the file with nano editor /etc/rc.local and paste your rules there. Do "nano /etc/rc.local", paste the rules and Ctrl + X to save and edit.+* iptables-save > /etc/iptables.rules (saves your custom rules) OR you can edit the file with nano editor /etc/rc.local and paste your rules there. Do ''nano /etc/rc.local'', paste the rules and Ctrl + X to save and edit.
  
 ===== Adding Your Firewall Rules ===== ===== Adding Your Firewall Rules =====
  
  
-These rules are copy and paste. Simply paste them at the QORT terminal via SSH and save. \\+These rules are copy and paste. Simply paste them at the Qortal terminal via SSH and save. \\
  
 //**Block outgoing port:**// /sbin/iptables -A OUTPUT -p tcp --dport {PORT-NUMBER-HERE} -j DROP. //For example, you want to block telnet port 21 then put 21 after --dport. It will be /sbin/iptables -A OUTPUT -p tcp --dport 21 -j DROP . Similary, if you wish to block a DNS then it's port 53. Look at common used ports by services on Wikipedia [[https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers]]// \\ //**Block outgoing port:**// /sbin/iptables -A OUTPUT -p tcp --dport {PORT-NUMBER-HERE} -j DROP. //For example, you want to block telnet port 21 then put 21 after --dport. It will be /sbin/iptables -A OUTPUT -p tcp --dport 21 -j DROP . Similary, if you wish to block a DNS then it's port 53. Look at common used ports by services on Wikipedia [[https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers]]// \\
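Review bot: The "Block outgoing port" example at the end of this hunk calls 21 the telnet port, but 21 is FTP control and telnet is 23, so a reader who pastes "/sbin/iptables -A OUTPUT -p tcp --dport 21 -j DROP" believing it blocks telnet leaves telnet open. Either describe the example as FTP or change the port to 23. The same sentence suggests port 53 for DNS with a rule that matches only "-p tcp"; most DNS lookups use UDP 53, so the text should say a second rule with "-p udp" is needed. In the changed iptables-save line, "Ctrl + X to save and edit" should read "save and exit", and "Similary" in the port example should be "Similarly".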
Line 59: Line 59:
  
  
-It is fairly simple to view what is happening on the router. The pre-installed utility "tcpdump" does all that in a human readable view. The QORT Router comes ready with either your own recursive DNS or a DNS forwarded and to monitor all your DNS lookups, you simple paste this command in terminal: \\+It is fairly simple to view what is happening on the router. The pre-installed utility "tcpdump" does all that in a human readable view. The Qortal Router comes ready with either your own recursive DNS or a DNS forwarded and to monitor all your DNS lookups, you simple paste this command in terminal: \\
  
  //tcpdump port 53 and '(tcp-syn|tcp-ack)!=0'  //tcpdump port 53 and '(tcp-syn|tcp-ack)!=0'
 // \\ // \\
  
-Note that port 53 is used for DNS queries. If you want to see the web site traffic, replace it with port 80.+Note that port 53 is used for DNS queries. If you want to see the web site traffic, replace it with port 80. \\ 
 + 
 +Example for more custom firewall rules, traffic monitoring can be obtained from official Discord
  
 ==== Monitoring Tor Flow on Router ===== ==== Monitoring Tor Flow on Router =====
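Review bot: The tcpdump filter in the context lines, "port 53 and '(tcp-syn|tcp-ack)!=0'", never reads the packet's flag byte: it compares the two flag constants against zero, which is always true, so the second clause filters nothing. If the intent is to match on TCP flags it needs the "tcp[tcpflags] & (tcp-syn|tcp-ack) != 0" form, but that would also hide UDP lookups, so for watching DNS a plain "tcpdump port 53" is the better thing to document. The added sentence "Example for more custom firewall rules, traffic monitoring can be obtained from official Discord" is ungrammatical and gives no link; reword it (for example "More example firewall rules and traffic-monitoring commands are available on the official Discord") and link the server. Also fix "you simple paste" to "you simply paste", and balance the "==== Monitoring Tor Flow on Router =====" heading that follows.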
Line 70: Line 72:
  
  
-The QORT Router comes ready with your own Tor dedicated gateway. You can use it for all types of internet traffic on the router itself and on connected devices such as browsers, QT wallets, Torrents for safety and privacy which is a big deal these days.\\+The Qortal Router comes ready with your own Tor dedicated gateway. You can use it for all types of internet traffic on the router itself and on connected devices such as browsers, QT wallets, Torrents for safety and privacy which is a big deal these days.\\
 {{ :nyx.png?400 |}} {{ :nyx.png?400 |}}
  
 For details on Tor access and it's utilization for connected, head over to [[hardware_-_service_access|Service Access]] For details on Tor access and it's utilization for connected, head over to [[hardware_-_service_access|Service Access]]
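Review bot: The closing context line "For details on Tor access and it's utilization for connected, head over to ..." is left broken by this revision: "it's" should be "its", and the noun after "connected" is missing. Worth fixing in the same pass as the QORT to Qortal rename in the paragraph above it.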
hardware_-_firewall_rules.1572067659.txt.gz · Last modified: 10/26/2019 01:27 by dmax