From 0607751bba8c32d069d153b22ba17ac1f8a7e9a5 Mon Sep 17 00:00:00 2001 From: Stefan Pejcic Date: Sun, 28 Jul 2024 19:53:42 +0200 Subject: [PATCH] Update firewall.md --- documentation/docs/admin/security/firewall.md | 32 ++++++++++++++++--- 1 file changed, 28 insertions(+), 4 deletions(-) diff --git a/documentation/docs/admin/security/firewall.md b/documentation/docs/admin/security/firewall.md index 7fd1ac8f..c64a6eed 100644 --- a/documentation/docs/admin/security/firewall.md +++ b/documentation/docs/admin/security/firewall.md @@ -4,7 +4,24 @@ sidebar_position: 2 # Firewall -View and edit firewall (UFW) rules +View and edit firewall rules. + +OpenPanel supports both ConfigServer Firewall (CSF) and Uncomplicated Firewall (UFW). By default, CSF is installed, but you can choose to install UFW instead by [using the `--ufw` option during installation](/install). + +Based on the installed firewall, the **OpenAdmin > Firewall** page will display either the ConfigServer Firewall UI or the custom UFW interface. + + +## CSF + +If ConfigServer Security & Firewall (CSF) is installed, it's integrated UI will be displayed on **OpenAdmin > Firewall**. + +![csf firewall](/img/admin/firewall_csf.png) + +For instructions on how to use the CSF UI, please refer to [ConfigServer Security & Firewall official documentation](https://download.configserver.com/csf/readme.txt). + +## UFW + +If Uncomplicated Firewall (UFW) is installed, our custom interface will be displayed on **OpenAdmin > Firewall**. ![openadmin firewall settings](/img/admin/adminpanel_firewall_settings.png) @@ -14,14 +31,14 @@ The firewall settings page provides three tabs: - IPv6 - that lists all IPv6 firewall rules - Logs - displays the UFW service log -## View existing rules +### View existing rules The table shows firewall rules, showcasing information such as rule ID, action, ports, source/destination IP, and the username of the user utilizing the port. For IPv6 rules, navigate to the IPv6 tab. ![openadmin firewall ipv6 rules](/img/admin/adminpanel_firewall_ipv6.png) -## Add Rules +### Add Rules To create a new rule click on the 'New Rule' button and in the modal choose 'ALLOW' to allow the IP address or port, and 'DENY' to block access for IP address or port. @@ -34,8 +51,15 @@ To delete a rule click on the 'Delete' link next to it, and in the confirmaiton ![openadmin firewall delete rule](/img/admin/adminpanel_firewall_delete_rule.png) -## View logs +### View logs For logs, navigate to the 'Logs' tab. ![openadmin firewall logs](/img/admin/adminpanel_firewall_logs.png) + + + + +## Restart rules + +To re-open all needed ports for OpenPanel services adn users, run command: `opencli firewall-reset`