-
This is exactly what ACLs are for.
-
Thank you @mattkasun for pointing this out! Regarding my example: I can allow or disallow A to talk to C, but I can't limit the communication to a specific service / port this way. So either A would have access to PostgreSQL and MySQL running on C or none of them, right? Do I need to combine ACLs with custom iptables rules to accomplish that?
-
From my understanding, I can use Netmaker to connect several hosts spread over the global network securely, so that they can communicate with each other as if they were connected to the same private network.
That would mean that every participating host would have access to all ports on the other systems by default.
Is there any access control feature included in Netmaker where I can allow a specific host to connect only to specific ports on a host?
For example: I have three nodes, namely A, B and C.
A should have access to PostgreSQL on C running on port 5432 but to no other service on the network.
B should have access to MySQL on C running on port 3306 and nothing else.
What is the recommended way to do this setup with Netmaker?
Is this even covered in any way, or is a manual iptables setup required (for example having ufw or shorewall configured on each node)?
Thank you for your hints or explanation in advance.