Use Cases

Blacklist IP addresses

A user wants to drop the packets coming from 1000 specific IP addresses.

  • Step 1 - The user creates an ipset to group the 1000 IP addresses. By doing so, she also benefits from the efficiency of the ipset's search algorithm.
  • Step 2 - The user goes to the Client Groups section and selects the Client Group to which she wants to add the rule.
  • Step 3 - Since the incoming requests are going to be blocked, the user selects the INPUT chain of the Filter table.
  • Step 4 - The user adds a rule with an ipset reference as shown in the figure below.
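
The host-level equivalent of Steps 1 and 4, as an added example (not ERWALL's own code or output; it assumes the rule maps to plain ipset and iptables). The set name `blacklist`, the function names and the sample addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example. SET_NAME and the sample addresses are assumptions, not ERWALL values.
SET_NAME="blacklist"

# valid_ipv4 ADDR: succeeds only for a dotted quad with four octets in 0-255.
valid_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots into positional parameters
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# build_restore: reads one address per line on stdin ('#' comments allowed) and
# prints `ipset restore` input that fills a scratch set, then swaps it in
# atomically so the live set is never half-populated.
build_restore() {
    tmp_set="${SET_NAME}_new"
    adds=$(sed -e 's/#.*//' -e 's/[[:space:]]//g' -e '/^$/d' | sort -u |
        while IFS= read -r addr; do
            if valid_ipv4 "$addr"; then
                echo "add $tmp_set $addr"
            else
                echo "skipped invalid entry: $addr" >&2
            fi
        done)
    # An empty result would swap in an empty blacklist; refuse instead.
    [ -n "$adds" ] || { echo "no valid addresses, not swapping" >&2; return 1; }
    printf '%s\n' "create $SET_NAME hash:ip family inet" \
        "create $tmp_set hash:ip family inet" "flush $tmp_set" "$adds" \
        "swap $tmp_set $SET_NAME" "destroy $tmp_set"
}

# Constructed sample input (RFC 5737 documentation addresses).
sample_list() {
    printf '%s\n' '# constructed list' '192.0.2.10' '198.51.100.7  # dup below' \
        '192.0.2.10' '203.0.113.300' 'not-an-ip'
}

# Typical use as root (not run here):
#   sample_list | build_restore | ipset -exist restore
#   iptables -I INPUT -m set --match-set "$SET_NAME" src -j DROP
```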

Only Allow HTTP Ports

Joe is a system administrator and he wants to eliminate all requests targeting a group of servers, except the requests that come from the HTTP ports 80 and 443.

  • Step 1 - Joe goes to the Ruleset section and creates a Ruleset under the Filter table. The rule only accepts the TCP packets coming from the specified ports.
  • Step 2 - He navigates to the Client Groups section and selects the group that he wants to change.
  • Step 3 - He selects the INPUT chain of the Filter table.
  • Step 4 - He changes the default policy of the INPUT chain to DROP. So, if a packet does not match any of the rules in this chain, it will be dropped.
  • Step 5 - He adds a rule: if the incoming packet is a TCP packet, jump to the ruleset that was just defined.
  • Step 6 - Joe reorders the rule to the first place since he wants to accept the incoming HTTP requests quickly. Rules are evaluated sequentially.

Only Allow Internal Network Packets

A system administrator wants to configure servers so that they communicate with each other as if they were isolated from the outer network.

  • Step 1 - She creates a ruleset on the Filter table to restrict inputs. The ruleset consists of a rule that only accepts the packets coming from clients added to the ERWALL.
  • Step 2 - She also creates one for filtering outgoing packets.
  • Step 3 - She adds rules to the INPUT and OUTPUT chains of the Filter table on all Client Groups. These rules jump to the custom rulesets that she created. She changes the default policies to DROP.