We are in the process of migrating this forum. A new space will be available soon. We are sorry for the inconvenience.

Open Media Vault distro Firewall settings


Trapper
18-11-2016, 16:09
I managed to work this out, with help from the OMV forum. (Warning there are some old posts from tekkb there with gibberish - do not follow them!)

The rules I ended up with are thus:

Direction / Action / Family / Source / Port / Destination / Port / Protocol
INPUT / ACCEPT / IPv4 / my.ip.no.001 / [blank] / [blank] / [blank] / ALL
INPUT / ACCEPT / IPv4 / my.ip.no.002 / [blank] / [blank] / [blank] / ALL
INPUT / ACCEPT / IPv4 / my.ip.no.003 / [blank] / [blank] / [blank] / ALL
INPUT / ACCEPT / IPv4 / my.ip.no.004 / [blank] / [blank] / [blank] / ALL
INPUT / ACCEPT / IPv4 / [blank] / [blank] / [blank] / [blank] / ICMP
INPUT / DROP / IPv4 / [blank] / [blank] / [blank] / [blank] / ALL

The first 4 rules are to allow each of my IP's to access the server.
The fifth is to allow OVH monitoring.
The sixth is to block you pesky kids (I would have gotten away with it if it wasn't for those pesky kids...)

The ARM-6T (with OMV) I have is an awesome product, well done SYS.

~Trap

Trapper
17-11-2016, 14:49
So I now have one of the Open Media Vault servers. This is one of my first Linux attempts, so I am way out of my comfort zone.

I need some help with the firewall, to secure the box against hackers and low-lifes.

I hoped to get some help from the OMV community, but it seems they don't really have any answers there. It is almost exclusively LAN based, rather than internet-facing.

The server needs to be accessible from SYS and OVH server (mine specifically, others excluded ) and also from my home and office IP's.

I am only looking to use SMB/CIFs and FTP...

So can anyone help with a base set of rules?

Thanks in advance

~Trap

Edit: Forgot to say, the guides on OVH are broken:
http://guide.ovh.com/translate_page....ge=en_Firewall