Playing with SuSE firewall
The organization have one requerimient, access to SSH must be allowed only from specific IP range.
The firewall must be up but only block SSH ports.
I know that you can down the SuSE Firewall and make a script with iptables… but I want make it in SuSE way. You need have basic knowledge about SuSE Firewall
Enable the firewall and configure a custom rule to allow all connections:
Now configure SuSE Firewall to accept custom rules. Please edit /etc/sysconfig/SuSEfirewall2 change the line:
FW_CUSTOMRULES="/etc/sysconfig/scripts/SuSEfirewall2-custom"
Edit the file /etc/sysconfig/scripts/SuSEfirewall2-custom change the lines:
fw_custom_before_port_handling() { # these rules will be loaded after the anti-spoofing and icmp handling # and after the input has been redirected to the input_XXX and # forward_XXX chains and some basic chain-specific anti-circumvention # rules have been set, # but before any IP protocol or TCP/UDP port allow/protection rules # will be set. # You can use this hook to allow/deny certain IP protocols or TCP/UDP # ports before the SuSEfirewall2 generated rules are hit. iptables -A INPUT -p tcp --dport 22 -s 192.168.122.0/24 -j ACCEPT iptables -A INPUT -p tcp --dport 22 -j DROP true }
This block SSH to all IPs but 192.168.122.0/24 subnet.
Restart SuSE Firewall.