Knowledgebase

Setting up Firewall Rules Print

  • 2

Our systems come configured with a fully-closed DENY ALL rule. This allows for proper security on your server and leaves all ports closed until you open them in your myFalcon Firewall Manager. Once ready, launch your myFalcon Firewall Manager to setup Firewall Rules. You will need to setup a rule for SSH for your IP address at home, along with any wide open ports for website hosting or game server hosting.

Rules define what is either whitelisted (allowed) or blacklisted (denied). Game servers require specific ports to be placed in your Firewall Rules to allow proper communication. If you have any questions on the proper configuration for your specific game server, please contact our Technical Support team by opening a ticket in our Client Area.

Firewall Rules can be configured by clicking on Firewall in our Client Area and clicking on Manage Firewall next to the IP you wish to manage:

Your Firewall rules are visible in the first tab that loads. An example Allow-All rule is shown below. To create a new Firewall Rule, select the "New Rule" button.

Create a Rule by following the instructions below. Pressing the red X next to any firewall rule will mark it for deletion. Rules being deleted from our Firewalls can take up to 15-30 minutes to apply.

Creating a Rule

Once you've clicked on the "New Rule" button you will be presented with a series of options:

Be sure to set the following for each Firewall Rule you create:

  • Rule Name - Specify a name for each Firewall Rule for easy reference in your MyFalcon Firewall Manager
  • Protocol - All will open the flood gates for everything, including all TCP/UDP ports. Select either TCP or UDP to create specific firewalls rules.
  • Source IP - Setting to 0.0.0.0/0 will Allow All from any IP Address, if you want to set to a specific IP, say to only allow TCP 22 SSH traffic to your IP, put xxx.xxx.xxx.xxx/32 where the x's are your IP address. Single IPs are classified as a /32 in the network space.
  • Type: Whitelist will allow traffic through the firewall, Blacklist will deny traffic through the firewall, and Ratelimit allows you to select a Rate Limiter previously configured in the Rate Limiters tab.

Rules are created to allow inbound and outbound traffic to specific ports on our firewalls. Rules can take up to 15-30 minutes to apply globally to all our locations. Once set, be patient and if you have any questions reach out for assistance.

For newly activated VPS and Bare Metal servers on our 1Gbps network, our systems come configured with a closed DENY-ALL rule. You can get your home IP by visiting https://ipinfo.io. When specifying the source IP, add /32 at the end. For example, if your home IP was 23.143.40.150, you would put 23.143.40.150/32 as the source IP. /32 designates single IP addresses in the networking space.

Remember! If you want to allow SSH access to your IP address, set a TCP rule to your Source IP address for your home computer for port 22. Give it 15 minutes and you'll be able to remotely manage your server. If you plan on hosting any websites or games, be sure to open ports 443, 80 (if not using SSL), and any respective game ports (ex. GTA V 30120 tcp and udp). It's important to remember setting the source IP to 0.0.0.0/0 will open that specific port for anyone on the internet.


Was this answer helpful?
Back