ThePlanet's - IP Tables Monitoring Rules

Recommending the customer to go to that link is definitely your best bet, but if you're too lazy to click the link and log in... Here goes:

Required Managed Services IPTables Rules
If you are subscribed to one of our Managed Service Packages and you use IPTables Rules to enhance the security of your server, we ask that you implement the following rule sets. If you are not familiar with IPTables or do not use that feature, this will not affect you. This is only relevant to customers that implement IPTables Rules on their own.

** Add these rules to allow internal networks of The Planet to access your server for management and monitoring. All of the following groups of rules require these rules to be input first.

iptables -N plnt_in
iptables -N plnt_out
iptables -I INPUT 1 -j plnt_in
iptables -I OUTPUT 1 -j plnt_out
iptables -A plnt_in -s 12.96.160.0/24 -j ACCEPT
iptables -A plnt_in -s 67.19.0.0/24 -j ACCEPT
iptables -A plnt_in -s 70.84.160.0/24 -j ACCEPT
iptables -A plnt_out -d 12.96.160.0/24 -j ACCEPT
iptables -A plnt_out -d 67.19.0.0/24 -j ACCEPT
iptables -A plnt_out -d 70.84.160.0/24 -j ACCEPT

** Add these rules if you are running Red Hat so that your server will be able to communicate with our RHN systems. Be sure to fill in the IP info for your RHN Update server. You can find the information listed in /etc/sysconfig/rhn/up2date as the serverURL (default HTTPS) and noSSLServerURL (HTTP) directives, or by contacting us.

iptables -A plnt_in -s **your_RHN_server** -j ACCEPT
iptables -A plnt_out -d **your_RHN_server** -j ACCEPT

** Add these rules if you have NAS Backup service. Be sure to fill in the IP info for your NAS Server. You can find the information by reading the install ticket, or by contacting us.

iptables -N plnt_nas
iptables -A plnt_in -s **your_NAS_server** -j plnt_nas
iptables -A plnt_out -d **your_NAS_server** -j plnt_nas
iptables -A plnt_nas -m state --state ESTABLISHED -j ACCEPT
iptables -A plnt_nas -p tcp --dport 20:21 -j ACCEPT
iptables -A plnt_nas -p udp --dport 20:21 -j ACCEPT
iptables -A plnt_nas -p tcp --dport 137:139 -j ACCEPT
iptables -A plnt_nas -p udp --dport 137:139 -j ACCEPT
iptables -A plnt_nas -p tcp --dport 445 -j ACCEPT
iptables -A plnt_nas -p udp --dport 445 -j ACCEPT

** Add these rules if you have DiskSync Backup service. Be sure to fill in the IP info for your Director and Agent Console. You can find the information by reading the install ticket, or by contacting us.

iptables -N plnt_dsync
iptables -A plnt_in -s **your_DiskSync_Director** -j plnt_dsync
iptables -A plnt_out -d **your_DiskSync_Director** -j plnt_dsync
iptables -A plnt_in -s **your_DiskSync_Agent_Console** -j plnt_dsync
iptables -A plnt_out -d **your_DiskSync_Agent_Console** -j plnt_dsync
iptables -A plnt_dsync -m state --state ESTABLISHED -j ACCEPT
iptables -A plnt_dsync -p tcp --dport 807:808 -j ACCEPT
iptables -A plnt_dsync -p tcp --dport 2546 -j ACCEPT

Thank you for your cooperation,

The Planet Managed Services Team
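
An added example, not part of The Planet's notice or the original post: the base rules are inserted at position 1 of INPUT and OUTPUT, so this shell function audits `iptables -S` output to confirm the jumps are still first and that all three management networks are accepted in both chains. The function names, messages and the two sample rule listings are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit `iptables -S` output against the base rule set above.
# Live use (as root): iptables -S | audit_plnt_rules
PLNT_NETS="12.96.160.0/24 67.19.0.0/24 70.84.160.0/24"

# Helpers operate on $rules, which audit_plnt_rules fills from stdin.
_has()   { printf '%s\n' "$rules" | grep -qxF -- "$1"; }
_first() { printf '%s\n' "$rules" | grep -- "^-A $1 " | head -n 1; }

# Prints one line per problem found; returns 1 if there was any, else 0.
audit_plnt_rules() {
    rules=$(cat)
    rc=0
    for chain in plnt_in plnt_out; do
        _has "-N $chain" || { echo "missing chain: $chain"; rc=1; }
    done
    # The jumps are inserted at position 1; a rule that lands ahead of them
    # later (another -I, a firewall front end) is evaluated first.
    [ "$(_first INPUT)" = "-A INPUT -j plnt_in" ] ||
        { echo "INPUT rule 1 is not the plnt_in jump"; rc=1; }
    [ "$(_first OUTPUT)" = "-A OUTPUT -j plnt_out" ] ||
        { echo "OUTPUT rule 1 is not the plnt_out jump"; rc=1; }
    for net in $PLNT_NETS; do
        _has "-A plnt_in -s $net -j ACCEPT" || { echo "plnt_in lacks $net"; rc=1; }
        _has "-A plnt_out -d $net -j ACCEPT" || { echo "plnt_out lacks $net"; rc=1; }
    done
    return $rc
}

# Constructed sample of `iptables -S` output after the base rules are loaded.
SAMPLE_OK='-P INPUT DROP
-P OUTPUT ACCEPT
-N plnt_in
-N plnt_out
-A INPUT -j plnt_in
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A OUTPUT -j plnt_out
-A plnt_in -s 12.96.160.0/24 -j ACCEPT
-A plnt_in -s 67.19.0.0/24 -j ACCEPT
-A plnt_in -s 70.84.160.0/24 -j ACCEPT
-A plnt_out -d 12.96.160.0/24 -j ACCEPT
-A plnt_out -d 67.19.0.0/24 -j ACCEPT
-A plnt_out -d 70.84.160.0/24 -j ACCEPT'

# Constructed drift: a DROP now sits ahead of the jump, one ACCEPT is gone.
SAMPLE_DRIFT=$(printf '%s\n' "$SAMPLE_OK" | awk '
    $0 == "-A INPUT -j plnt_in" { print "-A INPUT -s 67.19.0.0/24 -j DROP" }
    $0 != "-A plnt_out -d 70.84.160.0/24 -j ACCEPT"')
printf '%s\n' "$SAMPLE_DRIFT" | audit_plnt_rules || echo "audit failed"
```

The audit covers only the base plnt_in and plnt_out rules; the RHN, NAS and DiskSync rules depend on addresses from the install ticket and are not checked.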