Firewall Settings / Iptables Config (SOLVED)

[Telcar]

I was already here and this has been bothering me for a long time, and yes ive google and asked and asked else ware. Say some people dont always have the extra resources to build a external physical firewall or a $100 nic to make a vm one. Is there no way to control the iptables on unRaid a plugin or docker something? If i was to install a third part software to controll the iptables through the terminal like you would on a normal *inux os would it survive a reboot if not is there anyway i could get it to survive a reboot?

Edited October 18, 2019 by Telcar

[Squid]

1 hour ago, Telcar said:

survive a reboot

To survive a reboot, you just need to make an appropriate script to apply whatever changes you want, then run it via User Scripts plugin at first array start.

[Telcar]

this is probably a stupid question for you more advance guys but im assuming that instead of downloading the packages or what ever each time i can download everything and save it to the array and wright a .SH script install and load everything then i can just make a user script to start on boot or array start that point to and execute install.sh or something like that and im assuming that since you didnt say anything about iptables or anything that you think its stupid and would screw everything up.

 

[Squid]

12 minutes ago, Telcar said:

that instead of downloading the packages or what ever each time i can download everything and save it to the array and wright a .SH script install

basically

12 minutes ago, Telcar said:

im assuming that since you didnt say anything about iptables or anything that you think its stupid and would screw everything up

My mother probably knows more about iptables than I do.  And since she's computer illiterate, that shows why I didn't reference iptables directly 

[Telcar]

well ive never used slackware directly but i use to used a program on arch called firewalled or something that worked pretty good and gave you alot of info about different ports and what processes did what important ones not to mess with and such if i could get everything installed right, but now that i think about it i would probably have to work directly at the head witch would be a pain wouldnt even know were to start on the terminal to control. Sounds like it would be easier to pull some money out my ass and and buy a nic, i just been trying to stay away from the computer stuff after spending so much on my new server, and Christmas is coming, maybe i could ask Santa for one LOL!!!    

[itimpi]

I guess the first question that springs to my mind is what the firewall is intended to protect?    If your Unraid server is on the local LAN and not exposed to the internet do you need to even bother as your router should be protecting the server from the internet.   Adding an additional firewall may be added complexity for little gain.   

[CHBMB]

@Telcar You can pick up a used Intel dual NIC card pretty cheap on eBay which is what I did.  (I actually have dedicated hardware for OPNsense, but still needed a decent dual NIC card to put in it)

 

Here's the one I used and can confirm it works fine with a virtualised Pfsense/OPNsense on Unraid. (I have a backup virtualised firewall just in case my bare metal one goes down)

 

https://www.ebay.com/sch/i.html?_from=R40&_trksid=m570.l1313&_nkw=Dell+X3959&_sacat=0

[Telcar]

I dont trust my router as fair as i can through it and if i did lik a Frisbee that would be pretty fair, helicopters are made to fly after all. I just read this but i had already come up with a randon $20 and grabbed one of these and some patch cable so will see what happens, Thanks everybody!!

 

https://www.ebay.com/itm/IBM-Intel-Pro-1000-PT-Quad-Port-NIC-Ethernet-PCI-E-Adapter-39Y6138/233365613221?hash=item3655acaaa5:g:EpcAAOSwcJVdn04W

Edited October 20, 2019 by Telcar