Managing firewall rules

NOTE

This feature is only available in ShellHub Cloud.

ShellHub provides flexible firewall for filtering SSH connections. It gives a fine-grained control over which SSH connections reach the devices.

Using Firewall Rules you can deny or allow SSH connections from specific IP address to a specific or a group of devices using a given username.

Each firewall rule has a priority number which is evaluated in ascending order (starting with the lowest). It's makes a lot easier to manage a large number of firewall rules.

You can configure Firewall Rules from the ShellHub UI (see image below).

A firewall rule is composed of the following parameters:

• Active: Indicates if the rule is active
• Priority: The rule's priority
• Action: Firewall action to perform (allow or deny)
• Source IP: Incoming connection's source IP address (regexp format)
• Username: Incoming connection's target username (regexp format)
• Hostname: Incoming connection's target device's hostname (regexp format)

Pay attention

The following parameters has support for regular expression: Source IP, Username, Hostname. Make sure to escape the periods in the value of these parameters.