 | How to setup firewall |
- Node security is very important. Poor security can result in your wallet being compromised.
How to secure node with firewallIf your Linux server doesn't contain iptables, it is good to install them with command:
sudo apt-get install iptables sudo apt-get install ip6tables
It is advised to block all ip6tables access:
ip6tables -P INPUT DROP ip6tables -P OUTPUT DROP ip6tables -P FORWARD DROP
If you use SSH access to your server, then it is necessary to allow SSH port:
sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT sudo iptables -A INPUT -p tcp --dport ssh -j ACCEPT
Allow communication with node:
127.0.0.1 - allowed ip for access to API RPC-JSON
16661 - testnet API RPC-JSON port
16665 - node communication port
sudo iptables -A INPUT -p tcp -s 127.0.0.1 --dport 16661 -j ACCEPT sudo iptables -A INPUT -p tcp --dport 16661 -j DROP sudo iptables -A INPUT -p tcp -m tcp --dport 16665 -m state --state NEW,ESTABLISHED -j ACCEPT
At the end, drop all other accesses:
sudo iptables -D INPUT -j DROP sudo iptables -A INPUT -j DROP
How to save this settings permanently- We recommend installing great Linux utility iptables-permanently which stores your configurations in a file and during boot it restores your configuration automatically.
For installation and store iptables configuration call following command line:
sudo apt-get install iptables-persistent- Answer YES to all questions.
Recommendation: If you make a change in your configuration uninstall it and install it again to store new configuration.