Geoblock country but allow IP
Geoblock country but allow IP
Ukraine is geoblocked, but I would like to allow a single IP thru, without whitelisting it. Is this possible?
Thanks in advance.
Thanks in advance.
CentOS 6.9
ASL 4.0.19-37
ASL 4.0.19-37
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: Geoblock country but allow IP
Is it for just one service, or multiple ones?
Re: Geoblock country but allow IP
only for port 443 and 22.scott wrote:Is it for just one service, or multiple ones?
CentOS 6.9
ASL 4.0.19-37
ASL 4.0.19-37
Re: Geoblock country but allow IP
You could insert firewall rules in INPUT before ASL-GEO-BLACKLIST .
Lemonbit Internet Dedicated Server Management
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: Geoblock country but allow IP
Thats definitely one way, another is to do 2 per-port ACL's
Re: Geoblock country but allow IP
So one firewall rule in INPUT before geoblock allowing access to those two ports?
CentOS 6.9
ASL 4.0.19-37
ASL 4.0.19-37
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: Geoblock country but allow IP
Right, an "insert" means put on the top of a list, and "add" means add to the bottom. Just like you're in a spreadsheet. You want your rule to appear ahead of the drop rule.
Re: Geoblock country but allow IP
how do i add more than one port per rule? tried space, comma without spaces and dashes.scott wrote:Right, an "insert" means put on the top of a list, and "add" means add to the bottom. Just like you're in a spreadsheet. You want your rule to appear ahead of the drop rule.
CentOS 6.9
ASL 4.0.19-37
ASL 4.0.19-37
- mikeshinn
- Atomicorp Staff - Site Admin
- Posts: 4149
- Joined: Thu Feb 07, 2008 7:49 pm
- Location: Chantilly, VA
Re: Geoblock country but allow IP
Per port ACLs documentation is available here:
https://www.atomicorp.com/wiki/index.ph ... _Port_ACLs
https://www.atomicorp.com/wiki/index.ph ... _Port_ACLs
Michael Shinn
Atomicorp - Security For Everyone
Atomicorp - Security For Everyone
Re: Geoblock country but allow IP
thanks, but the referenced "Per Port ACLs" section does not mention the syntax for multiple ports.mikeshinn wrote:Per port ACLs documentation is available here:
https://www.atomicorp.com/wiki/index.ph ... _Port_ACLs
additionally, i was looking to do this via the GUI, IF possible.
CentOS 6.9
ASL 4.0.19-37
ASL 4.0.19-37
-
- Atomicorp Staff - Site Admin
- Posts: 8355
- Joined: Wed Dec 31, 1969 8:00 pm
- Location: earth
- Contact:
Re: Geoblock country but allow IP
That mechanism is for single ports at a time, so you'd need to make 2 lists.