Hello,
I'd like to limit the access to my Venus OS from a specific subnet or IP addresses. Unfortunately I found no indication in Venus OS of how the integrated firewall works. Can someone maybe give me some information?
Now I found out that "iptables" is used.
When the system boots up, "iptables" is set up with the definitions from "/etc/iptables/rules". Then "venus-platform" starts and adds some rules from the Venus OS settings (tcp/22, tcp/1883, tcp/8883 and tcp/9001).
The file "/etc/iptables/rules" gets lost if you do a Venus OS update; therefore you could add a command like
grep -qxF -- '-A INPUT -s 192.168.0.0/24 -j DROP' /etc/iptables/rules || sudo sed -i '3i\-A INPUT -s 192.168.0.0/24 -j DROP' /etc/iptables/rules
to "/data/rc.local". This checks on every bootup whether the entry is in the "/etc/iptables/rules" file and, if not, adds the line.
Pay attention: if you don't know what you are doing, you can lock yourself out. Then you have to reinstall Venus OS over the connected display, if you have one.
First try adding the rule with the iptables command (e.g. "iptables -A new-conn -s 192.168.0.0/24 -j DROP"), which adds the rule only to the running system and is lost if the device restarts. Already opened connections are not disconnected in this case, so try to reconnect and check if everything is working as expected.
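A more defensive form of the boot-time check described above, as an added example that is not part of the original post or of Venus OS: instead of a fixed line number, it places the rule ahead of the first existing rule of the filter table and refuses to touch a file it cannot parse. It assumes the rules file is in iptables-save format with a `*filter` table; the function name and the script path `/data/ensure-rule.sh` are hypothetical.

```shell
#!/bin/sh
# ensure_rule FILE RULE
# Idempotently insert RULE into the *filter table of an iptables-save style
# FILE, ahead of the first existing "-A" rule (or ahead of COMMIT when the
# table has no rules yet). Returns non-zero and leaves FILE unchanged when
# the file is missing or contains no *filter table.
ensure_rule() {
    file=$1
    rule=$2

    [ -f "$file" ] || { echo "ensure_rule: $file not found" >&2; return 1; }

    # Exact whole-line match: rule already present, nothing to do.
    if grep -qxF -- "$rule" "$file"; then
        return 0
    fi

    tmp="$file.tmp.$$"
    awk -v rule="$rule" '
        /^\*/ { in_filter = ($0 == "*filter") }      # track the current table
        in_filter && !done && (/^-A / || /^COMMIT$/) { print rule; done = 1 }
        { print }
        END { exit (done ? 0 : 1) }                  # fail if nothing was inserted
    ' "$file" > "$tmp" || {
        echo "ensure_rule: no *filter table in $file, not modified" >&2
        rm -f "$tmp"
        return 1
    }

    # Overwrite in place so the original file mode and owner are kept.
    cat "$tmp" > "$file" && rm -f "$tmp"
}

# When called with two arguments, act on them, e.g. from /data/rc.local:
#   sh /data/ensure-rule.sh /etc/iptables/rules '-A INPUT -s 192.168.0.0/24 -j DROP'
if [ "$#" -eq 2 ]; then
    ensure_rule "$1" "$2"
fi
```

Running it first against a copy of the rules file shows where the rule would land without changing what is loaded at the next boot.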