Expose Service on Nethserver


(Eddie Atherton) #1

I said there would be more questions, didn’t I. :grinning:

Is there a way to expose a service that is running on the Nethserver using the firewall rules, in a similar way to how the internal services are treated.

For the internal services, the rules are only written into the loc2fw and net2fw chains. I can’t find a way, other than “any” to add a rule to either of those chains. But, using “any” also inserts a rule into the vpn chains as well, which I’d rather not have.

Is it possible to add a “fw” target to the ones currently available.

Cheers.


(Alessio Fattorini) #2

Ehi Eddie!
yeah you can flood us with your questions as you like. :scream_cat:
Please, check this answer by @islipfd19


(Eddie Atherton) #3

Thank you for the offer. :grinning:

Is the command to just add the ports at the bottom of that page correct. It’s exactly the same as the command to add both a service and ports shown below it. I’m guessing one command should add the information to the configuration DB, the other to the fwservices DB.

Can the “access” parameter be used without adding a Nethserver service. Like, add a service via the UI, which updates the fwservices DB and then update it via CLI to include “access”.

Cheers,
Eddie


(Eddie Atherton) #4

OK, on re-reading, I think what the doc is saying is this:

Add this as an enabled service, but don’t set up the triggers to start/stop it, so it will always remain in a stopped state, but the firewall rules will be loaded.

Have I read that correctly ??

Cheers.


(Alessio Fattorini) #5

Sorry for the delay, yes you’re right.
How’s your service? Did you have configured it properly?


(Eddie Atherton) #6

@alefattorini
Yep, I have added 3 services now to NS. One for just firewall rules, the others as actual services that also need firewall rules.
Cheers.