Geoblock country but allow IP

Customer support forums for Atomic Protector (formerly Atomic Secured Linux). There is no such thing as a bad question here as long as it pertains to using Atomic Protector. Newbies feel free to get help getting started or asking questions that may be obvious. Regular users are asked to be gentle. :-)
Post Reply
gaia
Forum Regular
Forum Regular
Posts: 213
Joined: Tue Jun 09, 2009 12:57 pm

Geoblock country but allow IP

Unread post by gaia »

Ukraine is geoblocked, but I would like to allow a single IP thru, without whitelisting it. Is this possible?

Thanks in advance.
CentOS 6.9
ASL 4.0.19-37
Top
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:
Contact scott

Re: Geoblock country but allow IP

Unread post by scott »

Is it for just one service, or multiple ones?
Top
gaia
Forum Regular
Forum Regular
Posts: 213
Joined: Tue Jun 09, 2009 12:57 pm

Re: Geoblock country but allow IP

Unread post by gaia »

scott wrote:Is it for just one service, or multiple ones?
only for port 443 and 22.
CentOS 6.9
ASL 4.0.19-37
Top
prupert
Forum Regular
Forum Regular
Posts: 573
Joined: Tue Aug 01, 2006 2:45 pm
Location: Netherlands

Re: Geoblock country but allow IP

Unread post by prupert »

You could insert firewall rules in INPUT before ASL-GEO-BLACKLIST .
Lemonbit Internet Dedicated Server Management
Top
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:
Contact scott

Re: Geoblock country but allow IP

Unread post by scott »

Thats definitely one way, another is to do 2 per-port ACL's
Top
gaia
Forum Regular
Forum Regular
Posts: 213
Joined: Tue Jun 09, 2009 12:57 pm

Re: Geoblock country but allow IP

Unread post by gaia »

So one firewall rule in INPUT before geoblock allowing access to those two ports?
CentOS 6.9
ASL 4.0.19-37
Top
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:
Contact scott

Re: Geoblock country but allow IP

Unread post by scott »

Right, an "insert" means put on the top of a list, and "add" means add to the bottom. Just like you're in a spreadsheet. You want your rule to appear ahead of the drop rule.
Top
gaia
Forum Regular
Forum Regular
Posts: 213
Joined: Tue Jun 09, 2009 12:57 pm

Re: Geoblock country but allow IP

Unread post by gaia »

scott wrote:Right, an "insert" means put on the top of a list, and "add" means add to the bottom. Just like you're in a spreadsheet. You want your rule to appear ahead of the drop rule.
how do i add more than one port per rule? tried space, comma without spaces and dashes.
CentOS 6.9
ASL 4.0.19-37
Top
User avatar
mikeshinn
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 4149
Joined: Thu Feb 07, 2008 7:49 pm
Location: Chantilly, VA

Re: Geoblock country but allow IP

Unread post by mikeshinn »

Per port ACLs documentation is available here:

https://www.atomicorp.com/wiki/index.ph ... _Port_ACLs
Top
gaia
Forum Regular
Forum Regular
Posts: 213
Joined: Tue Jun 09, 2009 12:57 pm

Re: Geoblock country but allow IP

Unread post by gaia »

mikeshinn wrote:Per port ACLs documentation is available here:

https://www.atomicorp.com/wiki/index.ph ... _Port_ACLs
thanks, but the referenced "Per Port ACLs" section does not mention the syntax for multiple ports.

additionally, i was looking to do this via the GUI, IF possible.
CentOS 6.9
ASL 4.0.19-37
Top
scott
Atomicorp Staff - Site Admin
Atomicorp Staff - Site Admin
Posts: 8355
Joined: Wed Dec 31, 1969 8:00 pm
Location: earth
Contact:
Contact scott

Re: Geoblock country but allow IP

Unread post by scott »

That mechanism is for single ports at a time, so you'd need to make 2 lists.
Top
Post Reply

Return to “Atomic Protector (formerly ASL)”