I have a backup server and I was wondering: if I set a cron job to allow a connection from a server in IPTables, then once it connects with rsync, can I use IPTables to shut off the port to prevent connections?
The idea is to block the chance of backups getting wiped if the main server got compromised (yes, it is secured, but I don't take chances).
EDIT: After trying stuff, and because of how things work, I decided the best idea will be to set up a second server which will just pull from the first server.
Answer
Assuming it connects over ssh rather than rsyncd, you could handle this with a rule such as this:
iptables -A INPUT -s
Providing there are no other rules to allow it and the policy for INPUT is REJECT or DROP, this will work.
If you also want to restrict this to a specific time, additionally use -m time --timestart 01:00:00 --timestop 01:02:00, which would provide a two-minute window every day starting at 1 AM.
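The answer only holds if nothing else in the INPUT chain admits ssh and the chain's policy drops by default. The following added example (not part of the original answer) checks that against `iptables -S INPUT` output. The source address 192.0.2.10, ssh on tcp/22, the loopback and ESTABLISHED rules and both sample rulesets are constructed assumptions.

```bash
#!/usr/bin/env bash
# Added example: audit `iptables -S INPUT` text for the conditions the answer relies on.
BACKUP_SRC="192.0.2.10/32"   # assumed placeholder (TEST-NET-1), not from the page

# Reads `iptables -S INPUT` output on stdin and prints findings.
# Returns 0 only if the policy is DROP and the single rule admitting new
# tcp/22 connections is the time-limited one for BACKUP_SRC.
audit_input_chain() {
  awk -v src="$BACKUP_SRC" '
    $1 == "-P" && $2 == "INPUT" { policy = $3; next }
    $1 != "-A" || $2 != "INPUT" { next }
    {
      jump = ""; dport = ""; s = ""; timed = 0; skip = 0
      for (i = 3; i <= NF; i++) {
        if ($i == "-j") jump = $(i+1)
        if ($i == "--dport") dport = $(i+1)
        if ($i == "-s") s = $(i+1)
        if ($i == "--timestart") timed = 1
        if ($i == "-p" && $(i+1) != "tcp") skip = 1            # not TCP
        if ($i == "-i" && $(i+1) == "lo") skip = 1             # loopback only
        if (($i == "--ctstate" || $i == "--state") && $(i+1) !~ /NEW/) skip = 1
      }
      if (jump != "ACCEPT" || skip) next
      if (dport != "" && dport != "22") next   # opens a different port only
      if (s == src && timed) { window++; next }
      printf "FAIL: rule also admits ssh: %s\n", $0; bad++
    }
    END {
      if (policy != "DROP") { printf "FAIL: INPUT policy is %s\n", policy; bad++ }
      if (window != 1) { printf "FAIL: expected 1 timed rule for %s, found %d\n", src, window; bad++ }
      if (!bad) print "OK: new ssh connections only from " src " inside the time window"
      exit (bad ? 1 : 0)
    }'
}

# Constructed sample: default-drop chain with the timed rule from the answer.
good_ruleset() { cat <<'EOF'
-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -s 192.0.2.10/32 -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -m time --timestart 01:00:00 --timestop 01:02:00 -j ACCEPT
EOF
}
# Constructed sample: same chain plus a leftover rule that opens ssh to everyone.
bad_ruleset() { good_ruleset; echo '-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT'; }

good_ruleset | audit_input_chain
bad_ruleset | audit_input_chain || true
```

On a live host the same function can be fed with `iptables -S INPUT | audit_input_chain`. The time match compares against UTC unless `--kerneltz` is given.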