Previous page

Next page

Locate page in Contents

Print this page

Building Input Chain

Linux To build and edit the Input Chain, select the Input tab. When you click either Advanced firewall mode with default policy Accept or Advanced firewall mode with default policy Drop, on the page described in the Selecting mode subsection, the first chain of rules is the Input Chain. The Input Chain is a set of rules for the incoming traffic.If you once applied Normal firewall mode before selecting Advanced firewall mode with default policy Accept/Drop, the input chain consists of 13 default rules. If you selected Advanced firewall mode with default policy Accept/Drop while configuring the Container firewall at the first time, the input chain has the default system policy access rule only.

Here you can edit, add, delete, enable, disable, filter or change its position in the list of any of the default rules. In case you need to come back to the original advanced mode settings, the default rules are:

  1. Web server input;
  2. SSH server input;
  3. Mail server input;
  4. POP3 server input;
  5. DNS server tcp input;
  6. DNS server udp input;
  7. All tcp input for hi port allowed;
  8. All udp input for hi port allowed;
  9. Plesk Panel proxy input;
  10. Plesk Panel direct input;
  11. Loopback tcp input;
  12. Loopback udp input;
  13. Default system policy.

If, for some reason, you need to have this rule set back, click Firewall setup and select the Normal firewall mode radio button.

The table below describes the attributes of the rules in the chain:

Name

Description

Name

The name of a specific web service this rule applies to.

Policy

One of three policies: Accept, Drop or Reject.

Protocol

One of two protocols used for package transmission - Transmission Control Protocol (TCP), defined by IETF RFC793 or User Datagram Protocol (UDP), defined by IETF RFC768.

Source Address

The internal address of the packets (e.g.: IPv4 or IPv6 address, the name of a network interface, etc.).

Source Port

The internal port of the packets.

Destination Address

The address where the packets are sent to.

Destination Port

The port where the packets are sent to.

Status

The current status of the rule (Enabled/Disabled).

Move

Moving the rule a level up or a level down from its current position.

The default system policy access rule cannot be changed as this rule decides the packet's destiny - to accept or to drop - when the packet has not any other rule to be processed by.

To edit a rule, click its name in the Name column. To add - or replace - a specific rule, click New Rule in the Actions group. To disable, enable or delete a rule select its check box and then click Disable, Enable or Delete. To move a rule a level up its position, click up arrow. To move a rule a level down its position, click Down Arrow icon. To filter rules by the policy, the protocol, or the current status, click the Show Search link. You can have Parallels Infrastructure Manager display only those parameters you need at the moment. To show or hide certain columns, click the Select Columns link and select the parameters you want to be displayed or clear those you do not.

You can also switch to the normal mode by clicking Firewall setup and selecting normal mode there.

Please send us your feedback on this help page