Secure Linux server ports Protect your Linux server by managing network ports effectively.
I've got two virtual machines set up on Oracle's cloud. One hosts a website and a TeamSpeak server, while the other is my personal VM for VPN and ad blocking with a Samba share. They're all on an open network. For security, I need to restrict access: the website/server should be reachable from anywhere, but my personal VM must only connect via VPN. Both run Ubuntu with iptables, but I need to set up my server so it only accepts traffic through the VPN (using WireGuard).
The goal is to maintain two iptables save configurations—one for when the VPN is inactive and you require administrative access, and another when it’s active. Transitioning between these settings can be achieved via ifup/down scripts (if supported), hooks from the VPN package (if available), or a custom watchdog daemon that monitors interface status. It’s important to consider how the VPN interacts with iptables, ensuring critical ports remain open while allowing necessary outbound traffic for system operations. Ideally, combining both management and VPN tables in one file simplifies management and reduces complexity.
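
One way to keep both rule sets in a single source, as the reply above suggests, is a small generator that emits the VPN-active or the admin variant in `iptables-restore` format. This is an added example, not code from the thread. The interface names `ens3` and `wg0`, the ports 51820 and 22, and the FORWARD rules for a VM that routes VPN client traffic are assumptions to adjust per host.

```shell
#!/bin/sh
# Added example (constructed): one generator for both firewall states.
# Assumed values, override through the environment to match the host.
PUB_IF="${PUB_IF:-ens3}"     # public NIC name (assumption)
WG_IF="${WG_IF:-wg0}"        # WireGuard interface name (assumption)
WG_PORT="${WG_PORT:-51820}"  # WireGuard listen port (assumption)
SSH_PORT="${SSH_PORT:-22}"   # SSH port used for admin access (assumption)

# Print "vpn" when the tunnel interface exists, otherwise "admin".
pick_mode() {
    if [ -d "/sys/class/net/$1" ]; then echo vpn; else echo admin; fi
}

# Emit an iptables-restore ruleset for mode "vpn" or "admin".
gen_rules() {
    case "$1" in
        vpn|admin) ;;
        *) echo "mode must be vpn or admin" >&2; return 2 ;;
    esac
    # Shared part: default-drop, loopback, replies, the WireGuard handshake
    # port on the public NIC, and everything arriving through the tunnel.
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i $PUB_IF -p udp --dport $WG_PORT -j ACCEPT
-A INPUT -i $WG_IF -j ACCEPT
-A FORWARD -i $WG_IF -j ACCEPT
-A FORWARD -o $WG_IF -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
EOF
    # Only the admin variant exposes SSH on the public NIC.
    if [ "$1" = admin ]; then
        echo "-A INPUT -i $PUB_IF -p tcp --dport $SSH_PORT -j ACCEPT"
    fi
    echo COMMIT
}

# "apply [mode]": parse-check with --test first, then load (needs root).
if [ "${1:-}" = apply ]; then
    mode="${2:-$(pick_mode "$WG_IF")}"
    gen_rules "$mode" | iptables-restore --test &&
        gen_rules "$mode" | iptables-restore
fi
```

Run it as root with `apply`, or with an explicit `apply vpn` / `apply admin` from wg-quick's `PostUp` and `PostDown` hooks. Loading replaces the whole IPv4 filter table, and IPv6 needs a matching `ip6tables` ruleset.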